Question 234 - PCCSE discussion

A customer's Security Operations Center (SOC) team wants to receive alerts from Prisma Cloud via email once a day about all policies that have a violation, rather than receiving an alert every time a new violation occurs.

Which alert rule configuration meets this requirement?

A. Configure an alert rule with all the defaults except selecting email within the 'Alert Notifications' tab and specifying recipient.
B. Configure an alert rule. Under the 'Policies' tab, select 'High Risk Severity Policies.' In the 'Set Alert Notifications' tab, select 'Email > Recurring,' set to repeat every 1 day, and enable 'Email.'
C. Set up email integrations under the 'Integrations' tab in 'Settings' and create a notification template.
D. Configure an alert rule. Under the 'Policies' tab, select 'All Policies.' In the 'Set Alert Notifications' tab, select 'Email > Recurring,' set to repeat every 1 day, and then enable 'Email.'
Suggested answer: D

Explanation:

To receive daily email alerts for all policy violations, the SOC team should configure an alert rule that encompasses all policies and sets the notification frequency to once per day. This can be achieved by:

Navigating to the 'Policies' tab within the alert rule configuration and selecting 'All Policies' to ensure that the rule applies to every policy.

Moving to the 'Set Alert Notifications' tab and choosing the 'Email' notification method.

Setting the notification to 'Recurring' with a frequency of every 1 day.

Enabling the email notification by specifying the recipient's email address.

This configuration ensures that the SOC team will receive a consolidated email once a day that includes information on all policies that have been violated, rather than receiving multiple alerts throughout the day as new violations occur. It allows the team to review the compliance status efficiently and prioritize their response accordingly.

asked 23/09/2024
Tresor Garcia