ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCCSE
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which three types of runtime rules can be created? (Choose three.)
DRAG DROP What is the order of steps in a Jenkins pipeline scan? (Drag the steps into the correct order of occurrence, from the first step to the last.)
DRAG DROP Match the correct scanning mode for each given operation. (Select your answer from the pull-down list. Answers may be used more than once or not at all.)
Which type of query is used for scanning Infrastructure as Code (laC) templates?
Where can a user submit an external new feature request?
What should be used to associate Prisma Cloud policies with compliance frameworks?
Which two variables must be modified to achieve automatic remediation for identity and access management (IAM) alerts in Azure cloud? (Choose two.)
A customer has a requirement to restrict any container from resolving the name www.evil-url.com . How should the administrator configure Prisma Cloud Compute to satisfy this requirement?
A Prisma Cloud administrator is onboarding a single GCP project to Prisma Cloud. Which two steps can be performed by the Terraform script? (Choose two.)
DRAG DROP You wish to create a custom policy with build and run subtypes. Match the query types for each example. (Select your answer from the pull-down list. Answers may be used more than once or not at all.)

Question 40 - PCCSE discussion

Report
Export

A security team has a requirement to ensure the environment is scanned for vulnerabilities. What are three options for configuring vulnerability policies? (Choose three.)

A.
individual actions based on package type
Answers
A.
individual actions based on package type
B.
output verbosity for blocked requests
Answers
B.
output verbosity for blocked requests
C.
apply policy only when vendor fix is available
Answers
C.
apply policy only when vendor fix is available
D.
individual grace periods for each severity level
Answers
D.
individual grace periods for each severity level
E.
customize message on blocked requests
Answers
E.
customize message on blocked requests
Suggested answer: A, C, D

Explanation:

https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/vulnerability_management/vuln_management_rules

Configuring vulnerability policies within Prisma Cloud involves several options that cater to different aspects of vulnerability management and policy enforcement. Options A, C, and D are valid configurations for vulnerability policies:

A . Individual actions based on package type allow for tailored responses to vulnerabilities found in specific types of software packages, enabling more granular control over the remediation process.

C . Applying policies only when a vendor fix is available helps prioritize the remediation of vulnerabilities for which a patch or update has been released by the software vendor, ensuring efficient use of resources in addressing the most actionable security issues.

D . Setting individual grace periods for each severity level allows organizations to define different time frames for addressing vulnerabilities based on their severity, enabling a prioritized and risk-based approach to vulnerability management.

These configurations support a comprehensive vulnerability management strategy by allowing customization and prioritization based on the nature of the vulnerability, the availability of fixes, and the risk level associated with each vulnerability.

Show Answer
asked 23/09/2024
Darren Sloan
41 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms