New Year Special 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: save70

Free and Premium Paloalto Networks PCCSE Dumps Questions Answers

Page: 1 / 20
Total 260 questions

Prisma Certified Cloud Security Engineer Questions and Answers

Question 1

Which policy type in Prisma Cloud can protect against malware?

Options:

A.

Data

B.

Config

C.

Network

D.

Event

Buy Now
Question 2

Creation of a new custom compliance standard that is based on other individual custom compliance standards needs to be automated.

Assuming the necessary data from other standards has been collected, which API order should be used for this new compliance standard?

Question 3

Prisma Cloud cannot integrate which of the following secrets managers?

Options:

A.

IBM Secret Manager

B.

AzureKey Vault

C.

HashiCorp Vault

D.

AWS Secret Manager

Question 4

Which two IDE plugins are supported by Prisma Cloud as part of its DevOps Security? (Choose two.)

Options:

A.

BitBucket

B.

Visual Studio Code

C.

CircleCI

D.

IntelliJ

Question 5

The InfoSec team wants to be notified via email each time a Security Group is misconfigured. Which Prisma Cloud tab should you choose to complete this request?

Options:

A.

Notifications

B.

Policies

C.

Alert Rules

D.

Events

Question 6

The security team wants to enable the “block” option under compliance checks on the host.

What effect will this option have if it violates the compliance check?

Options:

A.

The host will be taken offline.

B.

Additional hosts will be prevented form starting.

C.

Containers on a host will be stopped.

D.

No containers will be allowed to start on that host.

Question 7

A container and image compliance rule has been configured by enabling all checks; however, upon review, the container's compliance view reveals only the entries in the image below.

What is the appropriate action to take next?

Options:

A.

Deploy defenders to scan complete container compliance.

B.

Wait until Prisma Cloud finishes the compliance scan and recheck.

C.

Change the rule options to list both failed and passed checks in the compliance rule edit window.

D.

Change the rule options to list only failed checks in the compliance rule edit window.

Question 8

Which API calls can scan an image named myimage: latest with twistcli and then retrieve the results from Console?

Options:

A.

$ twistcli images scan \

--address \

--user \

--password \

--verbose \

myimage: latest

B.

$ twistcli images scan \

--address \

--user \

--password \

--details \

myimage: latest

C.

$ twistcli images scan \

--address \

--user \

--password \

myimage: latest

D.

$ twistcli images scan \

--address \

--user \

--password \

--console \

myimage: latest

Question 9

Which three serverless runtimes are supported by Prisma Cloud for vulnerability and compliance scans? (Choose three.)

Options:

A.

Swift

B.

Python

C.

Dart

D.

Java

E.

Node.js

Question 10

A security team has been asked to create a custom policy.

Which two methods can the team use to accomplish this goal? (Choose two.)

Options:

A.

add a new policy

B.

clone an existing policy

C.

disable an out-of-the-box policy

D.

edit the query in the out-of-the-box policy

Question 11

Per security requirements, an administrator needs to provide a list of people who are receiving e-mails for Prisma Cloud alerts.

Where can the administrator locate this list of e-mail recipients?

Options:

A.

Target section within an Alert Rule.

B.

Notification Template section within Alerts.

C.

Users section within Settings.

D.

Set Alert Notification section within an Alert Rule.

Question 12

An administrator has added a Cloud account on Prisma Cloud and then deleted it.

What will happen if the deleted account is added back on Prisma Cloud within a 24-hour period?

Options:

A.

No alerts will be displayed.

B.

Existing alerts will be displayed again.

C.

New alerts will be generated.

D.

Existing alerts will be marked as resolved.

Question 13

What is the function of the external ID when onboarding a new Amazon Web Services (AWS) account in Prisma Cloud?

Options:

A.

It is a unique identifier needed only when Monitor & Protect mode is selected.

B.

It is the resource name for the Prisma Cloud Role.

C.

It is a UUID that establishes a trust relationship between the Prisma Cloud account and the AWS account in order to extract data.

D.

It is the default name of the PrismaCloudApp stack.

Question 14

An administrator for Prisma Cloud needs to obtain a graphical view to monitor all connections, including connections across hosts and connections to any configured network objects.

Which setting does the administrator enable or configure to accomplish this task?

Options:

A.

ADEM

B.

WAAS Analytics

C.

Telemetry

D.

Cloud Native Network Firewall

E.

Host Insight

Question 15

Review this admission control policy:

match[{"msg": msg}] { input.request.operation == "CREATE" input.request.kind.kind == "Pod" input.request.resource.resource == "pods"

input.request.object.spec.containers[_].securityContext.privileged msg := "Privileged"

}

Which response to this policy will be achieved when the effect is set to “block”?

Options:

A.

The policy will block all pods on a Privileged host.

B.

The policy will replace Defender with a privileged Defender.

C.

The policy will alert only the administrator when a privileged pod is created.

D.

The policy will block the creation of a privileged pod.

Question 16

Which two elements are included in the audit trail section of the asset detail view? (Choose two).

Options:

A.

Configuration changes

B.

Findings

C.

Overview

D.

Alert and vulnerability events

Question 17

Which two statements explain differences between build and run config policies? (Choose two.)

Options:

A.

Run and Network policies belong to the configuration policy set.

B.

Build policies allow checking for security misconfigurations in the IaC templates and ensure these issues do not get into production.

C.

Run policies monitor network activities in the environment and check for potential issues during runtime.

D.

Run policies monitor resources and check for potential issues after these cloud resources are deployed.

Question 18

Which method should be used to authenticate to Prisma Cloud Enterprise programmatically?

Options:

A.

single sign-on

B.

SAML

C.

basic authentication

D.

access key

Question 19

An administrator of Prisma Cloud wants to enable role-based access control for Docker engine.

Which configuration step is needed first to accomplish this task?

Options:

A.

Configure Docker’s authentication sequence to first use an identity provider and then Console.

B.

Set Defender’s listener type to TCP.

C.

Set Docker’s listener type to TCP.

D.

Configure Defender’s authentication sequence to first use an identity provider and then Console.

Question 20

Which command should be used in the Prisma Cloud twistcli tool to scan the nginx:latest image for vulnerabilities and compliance issues?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 21

What is the maximum number of access keys a user can generate in Prisma Cloud with a System Admin role?

Options:

A.

1

B.

2

C.

3

D.

4

Question 22

Given the following audit event activity snippet:

Which RQL will be triggered by the audit event?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 23

Which command correctly outputs scan results to stdout in tabular format and writes scan results to a JSON file while still sending the results to Console?

Options:

A.

$ twistcli images scan

--address

--user

--password

--stdout-tabular

--output-file scan-results.json

nginx:latest

B.

$ twistcli images scan

--address

--username

--password

--details

--json-output scan-results.json

nginx:latest

C.

$ twistcli images scan

--address

--user

--password

--details

--file-output scan-results.json

nginx:latest

D.

$ twistcli images scan

--address

--u

--p

--details

--output-file scan-results.json

nginx:latest

Question 24

Which Prisma Cloud policy type can protect against malware?

Options:

A.

Event

B.

Network

C.

Config

D.

Data

Question 25

A customer has a requirement to terminate any Container from image topSecret:latest when a process named ransomWare is executed.

How should the administrator configure Prisma Cloud Compute to satisfy this requirement?

Options:

A.

set the Container model to manual relearn and set the default runtime rule to block for process protection.

B.

set the Container model to relearn and set the default runtime rule to prevent for process protection.

C.

add a new runtime policy targeted at a specific Container name, add ransomWare process into the denied process list, and set the action to “prevent”.

D.

choose “copy into rule” for the Container, add a ransomWare process into the denied process list, and set the action to “block”.

Question 26

Which Defender type performs registry scanning?

Options:

A.

Serverless

B.

Container

C.

Host

D.

RASP

Question 27

Which step should a SecOps engineer implement in order to create a network exposure policy that identifies instances accessible from any untrusted internet sources?

Options:

A.

In Policy Section-> Add Policy-> Config type -> Define Policy details Like Name,Severity-> Configure RQL query "config from network where source.network = UNTRUSTJNTERNET and dest.resource.type = 'Instance' and dest.cloud.type = 'AWS*" -> define compliance standard -> Define recommendation for remediation & save.

B.

In Policy Section-> Add Policy-> Network type -> Define Policy details Like Name.Severity-> Configure RQL query "network from vpc.flow_record where source.publicnetwork IN ('Suspicious IPs', 'Internet IPs') and dest.resource IN (resource where role IN ('Instance ))" -> define compliance standard -> Define recommendation for remediation & save.

C.

In Policy Section-> Add Policy-> Network type -> Define Policy details Like Name.Severity-> Configure RQL query "network from vpc.flow_record where source.publicnetwork IN ('Suspicious IPs', 'Internet IPs') and dest.resource IN (resource where role IN ( Instance ))" -> define compliance standard -> Define recommendation for remediation & save.

D.

In Policy Section-> Add Policy-> Network type -> Define Policy details Like Name.Severity-> Configure RQL query "config from network where source.network = UNTRUSTJNTERNET and dest.resource.type = 'Instance' and dest.cloud.type = 'AWS'" -> Define recommendation for remediation & save.

Question 28

Prisma Cloud Compute has been installed on Onebox. After Prisma Cloud Console has been accessed. Defender is disconnected and keeps returning the error "No console connectivity" in the logs.

What could be causing the disconnection between Console and Defender in this scenario?

Options:

A.

Port 8083 is not open for Console and Defender communication.

B.

The license key provided to the Console is invalid.

C.

Port 8084 is not open for Console and Defender communication.

D.

Onebox script installed an older version of the Defender.

Question 29

Which two integrated development environment (IDE) plugins are supported by Prisma Cloud as part of its Code Security? (Choose two.)

Options:

A.

Visual Studio Code

B.

IntelliJ

C.

BitBucket

D.

CircleCI

Question 30

Which three incident types will be reflected in the Incident Explorer section of Runtime Defense? (Choose three.)

Options:

A.

Crypto miners

B.

Brute Force

C.

Cross-Site Scripting

D.

Port Scanning

E.

SQL Injection

Question 31

What are two ways to scan container images in Jenkins pipelines? (Choose two.)

Options:

A.

twistcli

B.

Jenkins Docker plugin

C.

Compute Jenkins plugin

D.

Compute Azure DevOps plugin

E.

Prisma Cloud Visual Studio Code plugin with Jenkins integration

Question 32

Taking which action will automatically enable all severity levels?

Options:

A.

Navigate to Settings > Enterprise Settings and enable all severity levels in the alarm center.

B.

Navigate to Policies > Settings and enable all severity levels in the alarm center.

C.

Navigate to Settings > Enterprise Settings and ensure all severity levels are checked under "auto-enable default policies.

D.

Navigate to Policies > Settings and ensure all severity levels are checked under "auto-enable default policies.

Question 33

A security team has a requirement to ensure the environment is scanned for vulnerabilities. What are three options for configuring vulnerability policies? (Choose three.)

Options:

A.

individual actions based on package type

B.

output verbosity for blocked requests

C.

apply policy only when vendor fix is available

D.

individual grace periods for each severity level

E.

customize message on blocked requests

Question 34

Match the service on the right that evaluates each exposure type on the left.

(Select your answer from the pull-down list. Answers may be used more than once or not at all.)

Options:

Question 35

Which type of RQL query should be run to determine if AWS Elastic Compute Cloud (EC2) instances without encryption was enabled?

Options:

A.

NETWORK

B.

EVENT

C.

CONFIG

D.

SECURITY

Question 36

On which cloud service providers can you receive new API release information for Prisma Cloud?

Options:

A.

AWS, Azure, GCP, Oracle, IBM

B.

AWS, Azure, GCP, Oracle, Alibaba

C.

AWS, Azure, GCP, IBM

D.

AWS, Azure, GCP, IBM, Alibaba

Question 37

In Prisma Cloud for Azure Net Effective Permissions Calculation, the following Azure permission levels are supported by which three permissions? (Choose three).

Options:

A.

Resources

B.

Tenant

C.

Subscription

D.

Resource groups

E.

Management Group

Question 38

An S3 bucket within AWS has generated an alert by violating the Prisma Cloud Default policy “AWS S3 buckets are accessible to public”. The policy definition follows:

config where cloud.type = 'aws' AND api.name='aws-s3api-get-bucket-acl' AND json.rule="((((acl.grants[? (@.grantee=='AllUsers')] size > 0) or policyStatus.isPublic is true) and publicAccessBlockConfiguration does not exist) or ((acl.grants[?(@.grantee=='AllUsers')] size > 0) and publicAccessBlockConfiguration.ignorePublicAcis is false) or (policyStatus.isPublic is true and publicAccessBlockConfiguration.restrictPublicBuckets is false)) and websiteConfiguration does not exist"

Why did this alert get generated?

Options:

A.

an event within the cloud account

B.

network traffic to the S3 bucket

C.

configuration of the S3 bucket

D.

anomalous behaviors

Question 39

What is the frequency to create a compliance report? (Choose two.)

Options:

A.

Weekly

B.

One time

C.

Monthly

D.

Recurring

Question 40

A customer has a requirement to scan serverless functions for vulnerabilities.

What is the correct option to configure scanning?

Options:

A.

Configure serverless radar from the Defend > Compliance > Cloud Platforms page.

B.

Embed serverless Defender into the function.

C.

Configure a function scan policy from the Defend > Vulnerabilities > Functions page.

D.

Use Lambda layers to deploy a Defender into the function.

Question 41

Which intensity setting for anomaly alerts is used for the measurement of 100 events over 30 days?

Options:

A.

High

B.

Medium

C.

Low

D.

Very High

Question 42

A customer wants to harden its environment from misconfiguration.

Prisma Cloud Compute Compliance enforcement for hosts covers which three options? (Choose three.)

Options:

A.

Docker daemon configuration files

B.

Docker daemon configuration

C.

Host cloud provider tags

D.

Host configuration

E.

Hosts without Defender agents

Question 43

Which options show the steps required after upgrade of Console?

Options:

A.

Uninstall Defenders Upgrade Jenkins Plugin

Upgrade twistcli where applicable

Allow the Console to redeploy the Defender

B.

Update the Console image in the Twistlock hosted registry Update the Defender image in the Twistlock hosted registry Uninstall Defenders

C.

Upgrade Defenders Upgrade Jenkins Plugin Upgrade twistcli where applicable

D.

Update the Console image in the Twistlock hosted registry Update the Defender image in the Twistlock hosted registry Redeploy Console

Question 44

Which three options for hardening a customer environment against misconfiguration are included in Prisma Cloud Compute compliance enforcement for hosts? (Choose three.)

Options:

A.

Serverless functions

B.

Docker daemon configuration

C.

Cloud provider tags

D.

Host configuration

E.

Hosts without Defender agents

Question 45

Which action would be applicable after enabling anomalous compute provisioning?

Options:

A.

It detects the activity caused by the spambot.

B.

It detects unusual server port activity or unusual protocol activity from a client within or outside the cloud environment.

C.

It detects potential creation of an unauthorized network of compute instances with AutoFocus.

D.

It detects potential creation of an unauthorized network of compute instances either accidentally or for cryptojacking.

Question 46

The security team wants to target a CNAF policy for specific running Containers. How should the administrator scope the policy to target the Containers?

Options:

A.

scope the policy to Image names.

B.

scope the policy to namespaces.

C.

scope the policy to Defender names.

D.

scope the policy to Host names.

Question 47

A customer has a large environment that needs to upgrade Console without upgrading all Defenders at one time.

What are two prerequisites prior to performing a rolling upgrade of Defenders? (Choose two.)

Options:

A.

manual installation of the latest twistcli tool prior to the rolling upgrade

B.

all Defenders set in read-only mode before execution of the rolling upgrade

C.

a second location where you can install the Console

D.

additional workload licenses are required to perform the rolling upgrade

E.

an existing Console at version n-1

Question 48

Prisma Cloud supports sending audit event records to which three targets? (Choose three.)

Options:

A.

SNMP Traps

B.

Syslog

C.

Stdout

D.

Prometheus

E.

Netflow

Question 49

What will happen when a Prisma Cloud Administrator has configured agentless scanning in an environment that also has Host and Container Defenders deployed?

Options:

A.

Agentless scan will automatically be disabled, so Defender scans are the only scans occurring.

B.

Agentless scans do not conflict with Defender scans, so both will run.

C.

Defender scans will automatically be disabled, so agentless scans are the only scans occurring.

D.

Both agentless and Defender scans will be disabled and an error message will be received.

Question 50

Which type of compliance check is available for rules under Defend > Compliance > Containers and Images > CI?

Options:

A.

Host

B.

Container

C.

Functions

D.

Image

Question 51

While writing a custom RQL with array objects in the investigate page, which type of auto-suggestion a user can leverage?

Options:

A.

Auto-sugestion for array objects that are useful for comparing between arrays

B.

Auto-suggestion is not available for array objects

C.

Auto-suggestion for array objects that are useful for categorization of resource parameters

D.

Auto-suggestion for array objects that are useful for comparing between array elements

Question 52

The attempted bytes count displays?

Options:

A.

traffic that is either denied by the security group or firewall rules or traffic that was reset by a host or virtual machine that received the packet and responded with a RST packet.

B.

traffic that is either denied by the security group or firewall rules.

C.

traffic that is either denied by the firewall rules or traffic that was reset by a host or virtual machine that received the packet and responded with a RST packet.

D.

traffic denied by the security group or traffic that was reset by a host or virtual machine that received the packet and responded with a RST packet.

Question 53

Given the following information, which twistcli command should be run if an administrator were to exec into a running container and scan it from within using an access token for authentication?

• Console is located at

• Token is: TOKEN_VALUE

• Report ID is: REPORTJD

• Container image running is: myimage:latest

Options:

A.

twistcli images scan --address https://prisma-console.mydomain.local —token TOKENVALUE —containerized —details myimage:latest

B.

twistcli images scan —console-address https://prisma-console.mydomain.local —auth-token MY_TOKEN —local-scan —details myimage:latest

C.

twistcli images scan —address https://prisma-console.mydomain.local —token TOKEN_VALUE —containerized --details REPORT_ID

D.

twistcli images scan --console-address https://prisma-console.mydomain.local --auth-token TOKEN_VALUE —containerized —vulnerability-details REPORT_ID

Question 54

The compliance team needs to associate Prisma Cloud policies with compliance frameworks. Which option should the team select to perform this task?

Options:

A.

Custom Compliance

B.

Policies

C.

Compliance

D.

Alert Rules

Question 55

An administrator sees that a runtime audit has been generated for a host. The audit message is:

“Service postfix attempted to obtain capability SHELL by executing /bin/sh /usr/libexec/postfix/postfix- script.stop. Low severity audit, event is automatically added to the runtime model”

Which runtime host policy rule is the root cause for this runtime audit?

Options:

A.

Custom rule with specific configuration for file integrity

B.

Custom rule with specific configuration for networking

C.

Default rule that alerts on capabilities

D.

Default rule that alerts on suspicious runtime behavior

Question 56

What is a benefit of the Cloud Discovery feature?

Options:

A.

It does not require any specific permissions to be granted before use.

B.

It helps engineers find all cloud-native services being used only on AWS.

C.

It offers coverage for serverless functions on AWS only.

D.

It enables engineers to continuously monitor all accounts and report on the services that are unprotected.

Question 57

An administrator wants to install the Defenders to a Kubernetes cluster. This cluster is running the console on the default service endpoint and will be exporting to YAML.

Console Address: $CONSOLE_ADDRESS Websocket Address: $WEBSOCKET_ADDRESS User: $ADMIN_USER

Which command generates the YAML file for Defender install?

Options:

A.

/twistcli defender \

--address $CONSOLE_ADDRESS \

--user $ADMIN_USER \

--cluster-address $CONSOLE_ADDRESS

B.

/twistcli defender export kubernetes \

--address $WEBSOCKET_ADDRESS \

--user $ADMIN_USER \

--cluster-address $CONSOLE_ADDRESS

C.

/twistcli defender YAML kubernetes \

--address $CONSOLE_ADDRESS \

--user $ADMIN_USER \

--cluster-address $WEBSOCKET_ADDRESS

D.

/twistcli defender export kubernetes \

--address $CONSOLE_ADDRESS \

--user $ADMIN_USER \

--cluster-address $WEBSOCKET_ADDRESS

Question 58

What is required for Prisma Cloud to successfully execute auto-remediation commands?

Options:

A.

Read access to the cloud platform

B.

Write access to the cloud platform

C.

Access to the cloud platform only for Azure

D.

Prisma Cloud requires no access to the cloud platform

Question 59

A customer has a requirement to automatically protect all Lambda functions with runtime protection. What is the process to automatically protect all the Lambda functions?

Options:

A.

Configure a function scan policy from the Defend/Vulnerabilities/Functions page.

B.

Configure serverless radar from the Defend/Compliance/Cloud Platforms page.

C.

Configure a manually embedded Lambda Defender.

D.

Configure a serverless auto-protect rule for the functions.

Question 60

Console is running in a Kubernetes cluster, and you need to deploy Defenders on nodes within this cluster.

Which option shows the steps to deploy the Defenders in Kubernetes using the default Console service name?

Options:

A.

From the deployment page in Console, choose pod name for Console identifier, generate DaemonSet file, and apply the DaemonSet to twistlock namespace.

B.

From the deployment page configure the cloud credential in Console and allow cloud discovery to auto-protect the Kubernetes nodes.

C.

From the deployment page in Console, choose twistlock-console for Console identifier, generate DaemonSet file, and apply DaemonSet to the twistlock namespace.

D.

From the deployment page in Console, choose twistlock-console for Console identifier, and run the curl | bash script on the master Kubernetes node.

Question 61

The administrator wants to review the Console audit logs from within the Console.

Which page in the Console should the administrator use to review this data, if it can be reviewed at all?

Options:

A.

Navigate to Monitor > Events > Host Log Inspection

B.

The audit logs can be viewed only externally to the Console

C.

Navigate to Manage > Defenders > View Logs

D.

Navigate to Manage > View Logs > History

Question 62

Which two frequency options are available to create a compliance report within the console? (Choose two.)

Options:

A.

One-time

B.

Monthly

C.

Recurring

D.

Weekly

Question 63

Which option identifies the Prisma Cloud Compute Edition?

Options:

A.

Package installed with APT

B.

Downloadable, self-hosted software

C.

Software-as-a-Service (SaaS)

D.

Plugin to Prisma Cloud

Question 64

A security team notices a number of anomalies under Monitor > Events. The incident response team works with the developers to determine that these anomalies are false positives.

What will be the effect if the security team chooses to Relearn on this image?

Options:

A.

The model is deleted, and Defender will relearn for 24 hours.

B.

The anomalies detected will automatically be added to the model.

C.

The model is deleted and returns to the initial learning state.

D.

The model is retained, and any new behavior observed during the new learning period will be added to the existing model.

Question 65

Which two offerings will scan container images in Jenkins pipelines? (Choose two.)

Options:

A.

Compute Azure DevOps plugin

B.

Prisma Cloud Visual Studio Code plugin with Jenkins integration

C.

Jenkins Docker plugin

D.

Twistcli

E.

Compute Jenkins plugin

Question 66

An administrator sees that a runtime audit has been generated for a Container. The audit message is “DNS resolution of suspicious name wikipedia.com. type A”.

Why would this message appear as an audit?

Options:

A.

The DNS was not learned as part of the Container model or added to the DNS allow list.

B.

This is a DNS known to be a source of malware.

C.

The process calling out to this domain was not part of the Container model.

D.

The Layer7 firewall detected this as anomalous behavior.

Question 67

Move the steps to the correct order to set up and execute a serverless scan using AWS DevOps.

Options:

Question 68

What is an automatically correlated set of individual events generated by the firewall and runtime sensors to identify unfolding attacks?

Options:

A.

policy

B.

incident

C.

audit

D.

anomaly

Question 69

Which two statements apply to the Defender type Container Defender - Linux?

Options:

A.

It is implemented as runtime protection in the userspace.

B.

It is deployed as a service.

C.

It is deployed as a container.

D.

It is incapable of filesystem runtime defense.

Question 70

A customer has Prisma Cloud Enterprise and host Defenders deployed.

What are two options that allow an administrator to upgrade Defenders? (Choose two.)

Options:

A.

with auto-upgrade, the host Defender will auto-upgrade.

B.

auto deploy the Lambda Defender.

C.

click the update button in the web-interface.

D.

generate a new DaemonSet file.

Question 71

Which serverless cloud provider is covered by the "overly permissive service access" compliance check?

Options:

A.

Alibaba

B.

Azure

C.

Amazon Web Services (AWS)

D.

Google Cloud Platform (GCP)

Question 72

Which report includes an executive summary and a list of policy violations, including a page with details for each policy?

Options:

A.

Compliance Standard

B.

Business Unit

C.

Cloud Security Assessment

D.

Detailed

Question 73

In Azure, what permissions need to be added to Management Groups to allow Prisma Cloud to calculate net effective permissions?

Options:

A.

Microsoft.Management/managementGroups/descendants/read

B.

Microsoft.Management/managementGroups/descendants/calculate

C.

PaloAltoNetworks.PrismaCloud/managementGroups/descendants/read

D.

PaloAltoNetworks.PrismaCloud/managementGroups/

Question 74

Which policy type should be used to detect and alert on cryptominer network activity?

Options:

A.

Audit event

B.

Anomaly

C.

Config-build

D.

Config-run

Question 75

When an alert notification from the alarm center is deleted, how many hours will a similar alarm be suppressed by default?

Options:

A.

12

B.

8

C.

24

D.

4

Question 76

What are two built-in RBAC permission groups for Prisma Cloud? (Choose two.)

Options:

A.

Group Membership Admin

B.

Group Admin

C.

Account Group Admin

D.

Account Group Read Only

Question 77

Which order of steps map a policy to a custom compliance standard?

(Drag the steps into the correct order of occurrence, from the first step to the last.)

Options:

Question 78

How many CLI remediation commands can be added in a custom policy sequence?

Options:

A.

2

B.

1

C.

4

D.

5

Page: 1 / 20
Total 260 questions