ExamGecko

Palo Alto Networks PCCSE Practice Test - Questions Answers, Page 3

A Prisma Cloud administrator is onboarding a single GCP project to Prisma Cloud. Which two steps can be performed by the Terraform script? (Choose two.)

A. enable flow logs for Prisma Cloud.
B. create the Prisma Cloud role.
C. enable the required APIs for Prisma Cloud.
D. publish the flow log to a storage bucket.
Suggested answer: B, C

Explanation:

When a Prisma Cloud administrator is onboarding a single GCP project to Prisma Cloud, the Terraform script can perform several steps to facilitate this integration. The steps include B. create the Prisma Cloud role, which is essential for defining the permissions and capabilities that Prisma Cloud will have within the GCP environment, and C. enable the required APIs for Prisma Cloud, ensuring that Prisma Cloud can access the necessary GCP services and features for comprehensive cloud security management.

Which statement about build and run policies is true?

A. Build policies enable you to check for security misconfigurations in the IaC templates.
B. Every type of policy has auto-remediation enabled by default.
C. The four main types of policies are: Audit Events, Build, Network, and Run.
D. Run policies monitor network activities in the environment and check for potential issues during runtime.
Suggested answer: A

Explanation:

A true statement about build and run policies is A. Build policies enable you to check for security misconfigurations in the IaC templates. This capability is crucial for identifying potential security issues early in the development process, allowing for proactive mitigation before deployment, thereby enhancing the overall security posture of the applications and infrastructure being developed.

An administrator sees that a runtime audit has been generated for a host. The audit message is:

"Service postfix attempted to obtain capability SHELL by executing /bin/sh /usr/libexec/postfix/postfix- script.stop. Low severity audit, event is automatically added to the runtime model"

Which runtime host policy rule is the root cause for this runtime audit?

A. Custom rule with specific configuration for file integrity
B. Custom rule with specific configuration for networking
C. Default rule that alerts on capabilities
D. Default rule that alerts on suspicious runtime behavior
Suggested answer: D

Explanation:

For a runtime audit generated for a host with a message indicating a service attempting to obtain capability by executing a script, the root cause for this runtime audit is most likely related to D. Default rule that alerts on suspicious runtime behavior. This default rule is designed to flag unusual or potentially harmful activities that could indicate a security risk, prompting further investigation.

Which option identifies the Prisma Cloud Compute Edition?

A. Package installed with APT
B. Downloadable, self-hosted software
C. Software-as-a-Service (SaaS)
D. Plugin to Prisma Cloud
Suggested answer: B

Explanation:

The Prisma Cloud Compute Edition is identified as B. Downloadable, self-hosted software. This option indicates that Prisma Cloud Compute Edition is a solution that organizations can deploy within their own infrastructure, providing them with control over the installation, configuration, and management of the security platform.

Which type of compliance check is available for rules under Defend > Compliance > Containers and Images > CI?

A. Host
B. Container
C. Functions
D. Image
Suggested answer: D

Explanation:

In the context of Defend > Compliance > Containers and Images > CI within Prisma Cloud by Palo Alto Networks, the compliance checks are focused on the security posture and compliance of container images. Therefore, the type of compliance check available under this section would be related to Images, ensuring they adhere to security best practices and compliance standards before being deployed.

The security team wants to protect a web application container from an SQLi attack. Which type of policy should the administrator create to protect the container?

A. CNAF
B. Runtime
C. Compliance
D. CNNF
Suggested answer: A

Explanation:

To protect a web application container from an SQL Injection (SQLi) attack, the administrator should create a Cloud Native Application Firewall (CNAF) policy. CNAF policies are designed to protect applications running in containers from various types of attacks, including SQLi, by inspecting the traffic going to and from the containerized applications and blocking malicious requests.

An S3 bucket within AWS has generated an alert by violating the Prisma Cloud Default policy "AWS S3 buckets are accessible to public". The policy definition follows:

config where cloud.type = 'aws' AND api.name='aws-s3api-get-bucket-acl' AND json.rule='((((acl.grants[?(@.grantee=='AllUsers')] size > 0) or policyStatus.isPublic is true) and publicAccessBlockConfiguration does not exist) or ((acl.grants[?(@.grantee=='AllUsers')] size > 0) and publicAccessBlockConfiguration.ignorePublicAcls is false) or (policyStatus.isPublic is true and publicAccessBlockConfiguration.restrictPublicBuckets is false)) and websiteConfiguration does not exist'

Why did this alert get generated?

A. an event within the cloud account
B. network traffic to the S3 bucket
C. configuration of the S3 bucket
D. anomalous behaviors
Suggested answer: C

Explanation:

The alert 'AWS S3 buckets are accessible to public' is generated due to the configuration of the S3 bucket, which has been set in a way that allows public access. The policy definition provided checks for various conditions that would make an S3 bucket publicly accessible, such as grants to 'AllUsers', the absence of a 'publicAccessBlockConfiguration', or specific configurations that do not restrict public access. Therefore, the alert is triggered by the configuration settings of the S3 bucket that violate the policy's criteria for public accessibility.

A customer is interested in PCI requirements and needs to ensure that no privileged containers can start in the environment.

Which action needs to be set for "do not use privileged containers"?

A. Prevent
B. Alert
C. Block
D. Fail
Suggested answer: C

Explanation:

Block: Defender stops the entire container if a process that violates your policy attempts to run.

https://docs.prismacloudcompute.com/docs/enterprise_edition/runtime_defense/runtime_defense_containers.html#_effect

Given an existing ECS Cluster, which option shows the steps required to install the Console in Amazon ECS?

A. The console cannot natively run in an ECS cluster. A onebox deployment should be used.
B. Download and extract the release tarball. Ensure that each node has its own storage for Console data. Create the Console task definition. Deploy the task definition.
C. Download and extract release tarball. Download task from AWS. Create the Console task definition. Deploy the task definition.
D. Download and extract the release tarball. Create an EFS file system and mount to each node in the cluster. Create the Console task definition. Deploy the task definition.
Suggested answer: D

Explanation:

To install the Console in an Amazon ECS Cluster, the steps involve downloading and extracting the release tarball, which contains the necessary files for the Console. Then, an Amazon Elastic File System (EFS) should be created and mounted to each node in the ECS cluster to provide shared storage for Console data. Following this, a Console task definition needs to be created in ECS, which defines how the Console container should run. Finally, this task definition is deployed to the ECS cluster to start the Console.

Which options show the steps required to upgrade Console when using projects?

A. Upgrade all Supervisor Consoles. Upgrade Central Console.
B. Upgrade Central Console. Upgrade Central Console Defenders.
C. Upgrade Defender. Upgrade Central Console. Upgrade Supervisor Consoles.
D. Upgrade Central Console. Upgrade all Supervisor Consoles.
Suggested answer: A

Explanation:

When you have one or more tenant or scale Projects, upgrade all Supervisors before upgrading the Central Console. https://docs.paloaltonetworks.com/prisma/prisma-cloud/20-09/prisma-cloud-compute-edition-admin/upgrade/upgrade_process

Total 260 questions