ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCCSE

Palo Alto Networks PCCSE Practice Test - Questions Answers, Page 25

Question list
Search
Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which three types of runtime rules can be created? (Choose three.)
DRAG DROP What is the order of steps in a Jenkins pipeline scan? (Drag the steps into the correct order of occurrence, from the first step to the last.)
DRAG DROP Match the correct scanning mode for each given operation. (Select your answer from the pull-down list. Answers may be used more than once or not at all.)
Which type of query is used for scanning Infrastructure as Code (laC) templates?
Where can a user submit an external new feature request?
What should be used to associate Prisma Cloud policies with compliance frameworks?
Which two variables must be modified to achieve automatic remediation for identity and access management (IAM) alerts in Azure cloud? (Choose two.)
A customer has a requirement to restrict any container from resolving the name www.evil-url.com . How should the administrator configure Prisma Cloud Compute to satisfy this requirement?
A Prisma Cloud administrator is onboarding a single GCP project to Prisma Cloud. Which two steps can be performed by the Terraform script? (Choose two.)
DRAG DROP You wish to create a custom policy with build and run subtypes. Match the query types for each example. (Select your answer from the pull-down list. Answers may be used more than once or not at all.)

Question 241

Report
Export
Collapse

DRAG DROP

An administrator needs to write a script that automatically deactivates access keys that have not been used for 30 days.

In which order should the API calls be used to accomplish this task? (Drag the steps into the correct order from the first step to the last.) Select and Place:


Question 241
Correct answer: Question 241

Question 242

Report
Export
Collapse

DRAG DROP

Match the service on the right that evaluates each exposure type on the left.

(Select your answer from the pull-down list. Answers may be used more than once or not at all.)


Question 242
Correct answer: Question 242

Explanation:

https://www.paloaltonetworks.com/prisma/cloud/cloud-data-security

Question 243

Report
Export
Collapse

DRAG DROP

You wish to create a custom policy with build and run subtypes. Match the query types for each example.

(Select your answer from the pull-down list. Answers may be used more than once or not at all.)


Question 243
Correct answer: Question 243

Explanation:

Reference:

https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloudpolicies/create-a- policy.html

Question 244

Report
Export
Collapse

DRAG DROP

Put the steps involved to configure and scan using the IntelliJ plugin in the correct order.


Question 244
Correct answer: Question 244

Question 245

Report
Export
Collapse

Which two attributes are required for a custom config RQL? (Choose two.)

A.
json.rule
A.
json.rule
Answers
B.
cloud.account
B.
cloud.account
Answers
C.
api.name
C.
api.name
Answers
D.
tag
D.
tag
Answers
Suggested answer: A, C

Explanation:

For a custom config Resource Query Language (RQL) in Prisma Cloud, two essential attributes are 'json.rule' and 'api.name.' The 'json.rule' attribute allows users to specify the JSON structure that defines the criteria or conditions of the query, essentially dictating what the query is looking for within the cloud environment. The 'api.name' attribute identifies the specific API endpoint that the query will target, providing context and scope for the query. Together, these attributes enable users to craft precise and targeted queries that can assess the configuration and security posture of cloud resources, aiding in compliance checks, security assessments, and other governance tasks.

Question 246

Report
Export
Collapse

Which type of query is used for scanning Infrastructure as Code (laC) templates?

A.
API
A.
API
Answers
B.
XML
B.
XML
Answers
C.
JSON
C.
JSON
Answers
D.
RQL
D.
RQL
Answers
Suggested answer: C

Explanation:

https://www.paloaltonetworks.com/blog/prisma-cloud/cloud-iac-build-policies/

Question 247

Report
Export
Collapse

A Prisma Cloud Administrator onboarded an AWS cloud account with agentless scanning enabled successfully to Prisma Cloud. Which item requires deploying defenders to be able to inspect the risk on the onboarded AWS account?

A.
Host compliances risks
A.
Host compliances risks
Answers
B.
Container runtime risks
B.
Container runtime risks
Answers
C.
Container vulnerability risks
C.
Container vulnerability risks
Answers
D.
Host vulnerability risks
D.
Host vulnerability risks
Answers
Suggested answer: B

Explanation:

While agentless scanning in Prisma Cloud can effectively assess various risks in cloud environments, including host compliance and vulnerabilities, it does not extend to container runtime risks. To inspect risks associated with container runtimes, such as real-time threat detection, behavioral monitoring, and deep visibility into container activity, deploying Prisma Cloud Defenders is necessary. These Defenders are lightweight agents that provide an additional layer of security by monitoring containerized applications in real-time, thereby offering comprehensive protection against threats that may arise during the runtime phase of containers.

Question 248

Report
Export
Collapse

What are the subtypes of configuration policies in Prisma Cloud?

A.
Build and Deploy
A.
Build and Deploy
Answers
B.
Monitor and Analyze
B.
Monitor and Analyze
Answers
C.
Security and Compliance
C.
Security and Compliance
Answers
D.
Build and Run
D.
Build and Run
Answers
Suggested answer: D

Explanation:

In Prisma Cloud, configuration policies are categorized to align with the different phases of the cloud security lifecycle, emphasizing a holistic approach to cloud security management. The subtypes 'Build and Run' encapsulate this approach by covering both the development phase (Build) - where cloud resources and applications are designed and created, and the operational phase (Run) - where these resources and applications are deployed and actively used. This categorization ensures that security and compliance are integral throughout the lifecycle, from the initial creation of cloud infrastructure and applications to their deployment and day-to-day operation, thereby enhancing the overall security posture.

Question 249

Report
Export
Collapse

Which Prisma Cloud policy type can protect against malware?

A.
Event
A.
Event
Answers
B.
Network
B.
Network
Answers
C.
Config
C.
Config
Answers
D.
Data
D.
Data
Answers
Suggested answer: D

Explanation:

The 'Data' policy type in Prisma Cloud is specifically designed to protect against threats related to data, including malware. These policies focus on securing data at rest and in transit, implementing data loss prevention (DLP) mechanisms, and scanning data stores and payloads for malicious content. By employing data policies, Prisma Cloud ensures that data stored within cloud environments is safeguarded against unauthorized access, exfiltration, and malware, thereby maintaining the integrity and confidentiality of sensitive information.

Question 250

Report
Export
Collapse

DRAG DROP

Move the steps to the correct order to set up and execute a serverless scan using AWS DevOps.


Question 250
Correct answer: Question 250
Total 260 questions
Go to page: of 26
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms