ExamGecko
Search Search Login
Home Home / Palo Alto Networks / PCCSE
Question list
Search
Search

List of questions

Search
Open VPLUS File
Convert VPLUS to PDF

Related questions

Which three types of runtime rules can be created? (Choose three.)
DRAG DROP What is the order of steps in a Jenkins pipeline scan? (Drag the steps into the correct order of occurrence, from the first step to the last.)
DRAG DROP Match the correct scanning mode for each given operation. (Select your answer from the pull-down list. Answers may be used more than once or not at all.)
Which type of query is used for scanning Infrastructure as Code (laC) templates?
Where can a user submit an external new feature request?
What should be used to associate Prisma Cloud policies with compliance frameworks?
Which two variables must be modified to achieve automatic remediation for identity and access management (IAM) alerts in Azure cloud? (Choose two.)
A customer has a requirement to restrict any container from resolving the name www.evil-url.com . How should the administrator configure Prisma Cloud Compute to satisfy this requirement?
A Prisma Cloud administrator is onboarding a single GCP project to Prisma Cloud. Which two steps can be performed by the Terraform script? (Choose two.)
DRAG DROP You wish to create a custom policy with build and run subtypes. Match the query types for each example. (Select your answer from the pull-down list. Answers may be used more than once or not at all.)

Question 225 - PCCSE discussion

Report
Export

Console is running in a Kubernetes cluster, and Defenders need to be deployed on nodes within this cluster.

How should the Defenders in Kubernetes be deployed using the default Console service name?

A.
From the deployment page in Console, choose 'twistlock-console' for Console identifier, generate DaemonSet file, and apply DaemonSet to the twistlock namespace.
Answers
A.
From the deployment page in Console, choose 'twistlock-console' for Console identifier, generate DaemonSet file, and apply DaemonSet to the twistlock namespace.
B.
From the deployment page, configure the cloud credential in Console and allow cloud discovery to auto-protect the Kubernetes nodes.
Answers
B.
From the deployment page, configure the cloud credential in Console and allow cloud discovery to auto-protect the Kubernetes nodes.
C.
From the deployment page in Console, choose 'twistlock-console' for Console identifier and run the 'curl | bash' script on the master Kubernetes node.
Answers
C.
From the deployment page in Console, choose 'twistlock-console' for Console identifier and run the 'curl | bash' script on the master Kubernetes node.
D.
From the deployment page in Console, choose 'pod name' for Console identifier, generate DaemonSet file, and apply the DaemonSet to twistlock namespace.
Answers
D.
From the deployment page in Console, choose 'pod name' for Console identifier, generate DaemonSet file, and apply the DaemonSet to twistlock namespace.
Suggested answer: A

Explanation:

In Kubernetes environments, deploying Defenders to protect nodes involves leveraging DaemonSets, which ensure that every node in the cluster runs a copy of a specific pod. When the Console is running within a Kubernetes cluster, it's essential to correctly reference the Console service to ensure seamless communication between Defenders and the Console. Option A is the most straightforward and Kubernetes-native method for deploying Defenders. By choosing 'twistlock-console' as the Console identifier on the deployment page within the Console, users can generate a DaemonSet configuration file tailored for the Twistlock namespace. This approach ensures that the Defenders are correctly configured to communicate with the Console, providing comprehensive security coverage across the Kubernetes nodes. This method aligns with best practices for deploying security agents in Kubernetes and is supported by Prisma Cloud (formerly Twistlock) documentation, which provides step-by-step instructions for deploying Defenders using DaemonSets.

Show Answer
asked 23/09/2024
Ricardo Monsalve
38 questions
PreviousPreviousNextNext
User
Your answer:
0 comments
Sorted by

Leave a comment first

ExamGecko

Copyright @2023 ExamGecko | All right reserved

Mail us: [email protected]
About us
Contact us
Twitter X
Facebook
Medium
Convert VPLUS to PDF
Open VPLUS files Easily and Quickly
Privacy Policy
Disclaimer
Terms