ExamGecko

Palo Alto Networks PCCSE Practice Test - Questions Answers, Page 17

Under which tactic is "Exploit Public-Facing Application" categorized in the ATT&CK framework?

A. Defense Evasion
B. Initial Access
C. Execution
D. Privilege Escalation

Suggested answer: B

Explanation:

In the MITRE ATT&CK framework, the technique 'Exploit Public-Facing Application' is categorized under the Initial Access tactic. This technique involves leveraging vulnerabilities in public-facing applications to gain unauthorized access to an organization's external services or applications. Initial Access covers the methods adversaries use to gain an initial foothold within a network, and exploiting public-facing applications is a common approach used by attackers to breach external defenses and establish a presence within a target network.

Which alert disposition severity must be chosen to generate low and high severity alerts in the Anomaly settings when a user wants to report on an unknown browser and OS, impossible time travel, or both due to account hijacking attempts?

A. High
B. Aggressive
C. Moderate
D. Conservative

Suggested answer: B

Explanation:

Aggressive: For unusual user activity, report on either unknown location or service, or both, to classify an anomaly. For account hijacking, report on unknown browser and Operating System, impossible time travel, or both. For anomalous compute provisioning activity, report on low and higher severity alerts.

A user from an organization is unable to log in to Prisma Cloud Console after having logged in the previous day.

Which area on the Console will provide input on this issue?

A. SSO
B. Audit Logs
C. Users & Groups
D. Access Control

Suggested answer: B

Explanation:

In the event a user is unable to log in to the Prisma Cloud Console, Audit Logs serve as a critical area for investigating the issue. Audit Logs provide a detailed record of activities, including login attempts, within the Prisma Cloud environment. By examining the Audit Logs, administrators can identify failed login attempts, understand the reasons behind login failures (e.g., incorrect credentials, account lockouts, or access policy changes), and take appropriate actions to resolve the login issues, ensuring users can access the console as expected.

What happens when a role is deleted in Prisma Cloud?

A. The access key associated with that role is automatically deleted.
B. Any integrations that use the access key to make calls to Prisma Cloud will stop working.
C. The users associated with that role will be deleted.
D. Any user who uses that key will be deleted.

Suggested answer: A

Explanation:

When you create an access key, the key is tied to the role with which you logged in, and if you delete the role, the access key is automatically deleted.

https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-administrators/create-access-keys

What is the default namespace created by Defender DaemonSet during deployment?

A. Redlock
B. Defender
C. Twistlock
D. Default

Suggested answer: C

Explanation:

The default namespace when using the script is twistlock, but you can use whatever you want.

https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/configure/set_diff_paths_daemon_sets

Which three OWASP protections are part of a Prisma Cloud Web-Application and API Security (WAAS) rule? (Choose three.)

A. DoS Protection
B. Local file inclusion
C. SQL injection
D. Suspicious binary
E. Shellshock

Suggested answer: B, C, E

Explanation:

In the Prisma Cloud Web-Application and API Security (WAAS) rules, protections against OWASP-recognized vulnerabilities like Local file inclusion, SQL injection, and Shellshock are included. Local file inclusion involves unauthorized access to files on the server, potentially leading to sensitive information disclosure. SQL injection targets data-driven applications by inserting malicious SQL statements into an entry field, while Shellshock exploits vulnerabilities in Bash, a widely used Unix shell, to execute arbitrary commands. These protections are part of Prisma Cloud's comprehensive approach to securing web applications and APIs against common and severe vulnerabilities.

Image: OWASP Top-10 Coverage - Protection against most critical security risks to web applications, including injection flaws, broken authentication, broken access control, security misconfigurations, etc. (https://www.paloaltonetworks.com/content/dam/pan/en_US/images/prisma/owasp-top-10-protection-2.png?imwidth=3840)

Which of the following is displayed in the asset inventory?

A. EC2 instances
B. Asset tags
C. SSO users
D. Federated users

Suggested answer: A

Explanation:

The asset inventory in cloud security platforms like Prisma Cloud typically displays a wide range of cloud resources, including EC2 instances. EC2 instances are virtual servers in Amazon's Elastic Compute Cloud (EC2) for running applications on the Amazon Web Services (AWS) infrastructure. The asset inventory provides visibility into these instances, allowing security teams to monitor their configuration, security posture, and compliance status. This visibility is crucial for identifying misconfigurations and vulnerabilities, and for ensuring that all EC2 instances adhere to the organization's security policies and compliance requirements.

https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-dashboards/asset-inventory

What is the frequency to create a compliance report? (Choose two.)

A. Weekly
B. One time
C. Monthly
D. Recurring

Suggested answer: B, D

Explanation:

In Prisma Cloud, compliance reports can be generated on a one-time basis or on a recurring schedule. The option for a one-time report allows users to generate a specific report instantly based on the current state of the environment. The recurring option enables users to set up automatic generation of reports at regular intervals, such as weekly or monthly, to track compliance over time. This functionality ensures continuous compliance monitoring and helps in maintaining security standards across cloud resources.

When configuring SSO, how many IdP providers can be enabled for all the cloud accounts monitored by Prisma Cloud?

A. 2
B. 4
C. 1
D. 3

Suggested answer: C

Explanation:

Prisma Cloud supports configuring Single Sign-On (SSO) with Identity Providers (IdPs) to streamline user authentication processes. However, for all the cloud accounts monitored by Prisma Cloud, only one IdP provider can be enabled at any given time. This limitation ensures a unified authentication mechanism across the platform, reducing complexity and potential security risks associated with managing multiple IdP configurations.

Which two services require external notifications to be enabled for policy violations in the Prisma Cloud environment? (Choose two.)

A. Splunk
B. QROC
C. SQS
D. Email

Suggested answer: A, C

Explanation:

https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/configure-external-integrations-on-prisma-cloud#id24911ff9-c9ec-4503-bb3a-6cfce792a70d

Total 260 questions