ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCCSE

Palo Alto Networks PCCSE Practice Test - Questions Answers, Page 26

Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

DRAG DROP What is the order of steps in a Jenkins pipeline scan? (Drag the steps into the correct order of occurrence, from the first step to the last.)
Where can a user submit an external new feature request?
Which three types of runtime rules can be created? (Choose three.)
Which two variables must be modified to achieve automatic remediation for identity and access management (IAM) alerts in Azure cloud? (Choose two.)
A customer has a requirement to restrict any container from resolving the name www.evil-url.com . How should the administrator configure Prisma Cloud Compute to satisfy this requirement?
DRAG DROP Match the correct scanning mode for each given operation. (Select your answer from the pull-down list. Answers may be used more than once or not at all.)
Which type of query is used for scanning Infrastructure as Code (laC) templates?
What should be used to associate Prisma Cloud policies with compliance frameworks?
A Prisma Cloud administrator is onboarding a single GCP project to Prisma Cloud. Which two steps can be performed by the Terraform script? (Choose two.)
DRAG DROP You wish to create a custom policy with build and run subtypes. Match the query types for each example. (Select your answer from the pull-down list. Answers may be used more than once or not at all.)

Question 251

Report
Export
Collapse

DRAG DROP

Put the steps of integrating Okta with Prisma Cloud in the right order in relation to CIEM or SSO okra integration.


Question 251
Correct answer: Question 251

Question 252

Report
Export
Collapse

DRAG DROP

Match the correct scanning mode for each given operation.

(Select your answer from the pull-down list. Answers may be used more than once or not at all.)


Question 252
Correct answer: Question 252

Question 253

Report
Export
Collapse

DRAG DROP

What is the order of steps in a Jenkins pipeline scan?

(Drag the steps into the correct order of occurrence, from the first step to the last.)



Question 253
Correct answer: Question 253

Question 254

Report
Export
Collapse

DRAG DROP

What is the order of steps to create a custom network policy?

(Drag the steps into the correct order of occurrence, from the first step to the last.)


Question 254
Correct answer: Question 254

Explanation:

Reference:

https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloudpolicies/create-a- policy.html

Question 255

Report
Export
Collapse

Which two CI/CD plugins are supported by Prisma Cloud as part of its Code Security? (Choose two.)

A.
Checkov
A.
Checkov
Answers
B.
Visual Studio Code
B.
Visual Studio Code
Answers
C.
CircleCI
C.
CircleCI
Answers
D.
IntelliJ
D.
IntelliJ
Answers
Suggested answer: A, C

Explanation:

https://live.paloaltonetworks.com/t5/blogs/what-is-changing-for-ci-cd-plugins/ba-p/461676

Prisma Cloud has announced changes to its CI/CD plugins due to the acquisition of Bridgecrew1.The existing IaC functionality in Prisma Cloud will be replaced by a Prisma ''cloud code security'' (CCS) module that delivers Bridgecrew integration in Prisma Cloud1.As part of this change, several CI/CD plugins that Prisma Cloud currently uses will either be replaced or modified1.

According to the information from the link, bothCheckovandCircleCIare listed as integrations that will switch to the Prisma ''cloud code security'' (CCS) module1.Checkov is an open-source command-line interface (CLI) utility that includes more than 750 predefined policies and supports custom policies1.CircleCI is a continuous integration and continuous delivery platform1.

Question 256

Report
Export
Collapse

Which IAM RQL query would correctly generate an output to view users who enabled console access with both access keys and passwords?

A.
config from network where api.name = 'aws-iam-get-credential-report' AND json.rule = cert_1_active is true or cert_2_active is true and password_enabled equals 'true'
A.
config from network where api.name = 'aws-iam-get-credential-report' AND json.rule = cert_1_active is true or cert_2_active is true and password_enabled equals 'true'
Answers
B.
config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is true or access_key_2_active is true and password_enabled equals 'true'
B.
config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is true or access_key_2_active is true and password_enabled equals 'true'
Answers
C.
config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is false or access_key_2_active is true and password_enabled equals '*'
C.
config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is false or access_key_2_active is true and password_enabled equals '*'
Answers
D.
config where api.name = 'aws-iam-get-credential-report' AND json.rule= access_key_1_active is true or access_key_2_active is true and password_enabled equals ''true''
D.
config where api.name = 'aws-iam-get-credential-report' AND json.rule= access_key_1_active is true or access_key_2_active is true and password_enabled equals ''true''
Answers
Suggested answer: B

Explanation:

View users who enabled console access with both access keys and passwords: config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is true or access_key_2_active is true and password_enabled is true https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-rql-reference/rql-reference/config-query/config-query-examples


Question 257

Report
Export
Collapse

Given the following audit event activity snippet:

Which RQL will be triggered by the audit event?

A)

B)

C)

D)

A.
Option A
A.
Option A
Answers
B.
Option B
B.
Option B
Answers
C.
Option C
C.
Option C
Answers
D.
Option D
D.
Option D
Answers
Suggested answer: B

Explanation:

The correct RQL that will be triggered by the audit event shown in the snippet is Option B. This RQL specifies operations related to storage bucket creation and deletion, which match the provided audit event activity snippet that includes a request to set IAM permissions on a storage bucket. The RQL is designed to capture events that may indicate changes in access permissions or potential data security concerns.

Question 258

Report
Export
Collapse

Given the following RQL:

Which audit event snippet is identified by the RQL?

A)

B)

C)

D)

A.
Option A
A.
Option A
Answers
B.
Option B
B.
Option B
Answers
C.
Option C
C.
Option C
Answers
D.
Option D
D.
Option D
Answers
Suggested answer: D

Explanation:

The RQL provided is designed to capture certain network-related operations, including the creation and deletion of compute firewall rules. The audit event snippet that matches this RQL is Option D, as it includes a 'compute.firewalls.delete' operation within its request, aligning with the specified RQL's criteria.

Question 259

Report
Export
Collapse

Which command should be used in the Prisma Cloud twistcli tool to scan the nginx:latest image for vulnerabilities and compliance issues?

A)

B)

C)

D)

A.
Option A
A.
Option A
Answers
B.
Option B
B.
Option B
Answers
C.
Option C
C.
Option C
Answers
D.
Option D
D.
Option D
Answers
Suggested answer: D

Explanation:

The correct command to scan the nginx:latest image for vulnerabilities and compliance issues using the Prisma Cloud twistcli tool is shown in Option D. This command uses twistcli images scan with specified parameters for the console address, username, and password, and it outputs the results to a file named scan-results.json. This allows for the scanning results to be saved and reviewed in a structured format, which aids in further analysis and tracking of vulnerabilities and compliance issues.

Question 260

Report
Export
Collapse

Based on the following information, which RQL query will satisfy the requirement to identify VM hosts deployed to organization public cloud environments exposed to network traffic from the internet and affected by Text4Shell RCE (CVE-2022-42889) vulnerability?

* Network flow logs from all virtual private cloud (VPC) subnets are ingested to the Prisma Cloud Enterprise Edition tenant.

* All virtual machines (VMs) have Prisma Cloud Defender deployed.

A)

B)

C)

D)

A.
Option A
A.
Option A
Answers
B.
Option B
B.
Option B
Answers
C.
Option C
C.
Option C
Answers
D.
Option D
D.
Option D
Answers
Suggested answer: A

Explanation:

The RQL query in Option A is designed to identify VM hosts that are exposed to internet traffic and are affected by the Text4Shell RCE vulnerability (CVE-2022-42889). This query looks for network flow records with byte transfers indicating activity and filters for resources with host vulnerability findings sourced from 'Prisma Cloud'. It also checks for exposure to suspicious or internet IPs, satisfying the criteria for the given scenario.

Total 260 questions
Go to page: of 26
ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms