PCCSE Online Practice Questions and Answers
Which policy type in Prisma Cloud can protect against malware?
A. Data
B. config
C. Network
D. Event
Which API calls can scan an image named myimage: latest with twistcli and then retrieve the results from Console?
A. $ twistcli images scan \ --address \ --user \ --password \ --verbose \ myimage: latest
B. $ twistcli images scan \ --address \ --user \ --password \ --details \ myimage: latest
C. $ twistcli images scan \ --address \ --user \ --password \ myimage: latest
D. $ twistcli images scan \ --address \ --user \ --password \ --console \ myimage: latest
Which three fields are mandatory when authenticating the Prisma Cloud plugin in the IntelliJ application? (Choose three.)
A. Secret Key
B. Prisma Cloud API URL
C. Tags
D. Access Key
E. Asset Name
The security team wants to enable the "block" option under compliance checks on the host. What effect will this option have if it violates the compliance check?
A. The host will be taken o ine.
B. Additional hosts will be prevented form starting.
C. Containers on a host will be stopped.
D. No containers will be allowed to start on that host.
What is the most reliable and extensive source for documentation on Prisma Cloud APIs?
A. prisma.pan.dev
B. docs.paloaltonetworks.com
C. Prisma Cloud Administrator's Guide
D. Live Community
Which action would be applicable after enabling anomalous compute provisioning?
A. It detects the activity caused by the spambot.
B. It detects unusual server port activity or unusual protocol activity from a client within or outside the cloud environment.
C. It detects potential creation of an unauthorized network of compute instances with AutoFocus.
D. It detects potential creation of an unauthorized network of compute instances either accidentally or for cryptojacking.
How many CLI remediation commands can be added in a custom policy sequence?
A. 2
B. 1
C. 4
D. 5
Which role does Prisma Cloud play when configuring SSO?
A. JIT
B. Service provider
C. SAML
D. Identity provider issuer
The exclamation mark on the resource explorer page would represent?
A. resource has been deleted
B. the resource was modified recently
C. resource has alerts
D. resource has compliance violation
Which policy type should be used to detect and alert on cryptominer network activity?
A. Anomaly
B. Config-run
C. Config-build
D. Audit event
Prisma Cloud supports which three external systems that allow the import of vulnerabilities and provide additional context on risks in the cloud? (Choose three.)
A. Splunk
B. Qualys
C. Amazon Inspector
D. Amazon GuardDuty
E. ServiceNow
Which three options for hardening a customer environment against misconfiguration are included in Prisma Cloud Compute compliance enforcement for hosts? (Choose three.)
A. Serverless functions
B. Docker daemon configuration
C. Cloud provider tags
D. Host configuration
E. Hosts without Defender agents
What is a benefit of the Cloud Discovery feature?
A. It does not require any specific permissions to be granted before use.
B. It enables engineers to continuously monitor all accounts and report on the services that are unprotected.
C. It offers coverage for serverless functions on AWS only.
D. It helps engineers find all cloud-native services being used only on AWS.
Based on the following information, which RQL query will satisfy the requirement to identify VM hosts deployed to organization public cloud environments exposed to network traffic from the internet and affected by Text4Shell RCE (CVE2022-42889) vulnerability?
Network flow logs from all virtual private cloud (VPC) subnets are ingested to the Prisma Cloud Enterprise Edition tenant. All virtual machines (VMs) have Prisma Cloud Defender deployed.
A. network from vpc.flow_record where bytes > 0 AND dest.resource IN (resource where finding.type IN ('Host Vulnerability') AND finding.source IN ('Prisma Cloud') AND finding.name IN ('CVE-2022-42889')) AND source.publicnetwork IN ('Internet IPs', 'Suspicious IPs')
B. config from vpc.flow_record where bytes > 0 AND dest.resource IN (resource where finding.type IN ('Host Vulnerability') AND finding.source IN ('Prisma Cloud') AND finding.name IN ('CVE-2022-42889')) AND source.publicnetwork = ('Internet IPs' or 'Suspicious IPs')
C. network from vpc.flow_record where bytes > 0 AND finding.type IN ('Host Vulnerability') AND finding.source IN ('Prisma Cloud') AND finding.name IN ('CVE-2022-42889') AND source.publicnetwork = 'Internet IPs'
D. config from cloud.resource where cloud.type = 'aws' AND api.name = 'aws-ec2-describe-instances' AND json.rule = publicIpAddress exists AND finding.type IN ('Host Vulnerability') AND finding.source IN ('Prisma Cloud') AND finding.name IN ('CVE-2022-42889')
Which command should be used in the Prisma Cloud twistcli tool to scan the nginx:latest image for vulnerabilities and compliance issues?
A. $ twistcli images scan --console-address --user --password --output-file scan-results.json nginx:latest
B. $ twistcli images scan --address --user --password --details nginx:latest
C. $ twistcli images build --console-address --user --password --details nginx:latest
D. $ twistcli images scan --address --username --password --details nginx:latest
Why select/choose certbus.com?
Millions of interested professionals can touch the destination of success in exams by certbus.com. products which would be available, affordable, updated and of really best quality to overcome the difficulties of any course outlines. Questions and Answers material is updated in highly outclass manner on regular basis and material is released periodically and is available in testing centers with whom we are maintaining our relationship to get latest material.
Copyright © 2004-2025 certbus.com, All Rights Reserved.