Independence Day Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: netdisc

Paloalto Networks PCCSE Prisma Certified Cloud Security Engineer Exam Practice Test

Demo: 18 questions
Total 126 questions

Prisma Certified Cloud Security Engineer Questions and Answers

Question 1

Which container scan is constructed correctly?

Options:

A.

twistcli images scan -u api -p api --address https://us-west1.cloud.twistlock.com/us-3-123456789 -- container myimage/latest

B.

twistcli images scan --docker-address https://us-west1.cloud.twistlock.com/us-3-123456789 myimage/ latest

C.

twistcli images scan -u api -p api --address https://us-west1.cloud.twistlock.com/us-3-123456789 --details myimage/latest

D.

twistcli images scan -u api -p api --docker-address https://us-west1.cloud.twistlock.com/us-3-123456789 myimage/latest

Question 2

A customer wants to monitor the company’s AWS accounts via Prisma Cloud, but only needs the resource configuration to be monitored for now.

Which two pieces of information do you need to onboard this account? (Choose two.)

Options:

A.

Cloudtrail

B.

Subscription ID

C.

Active Directory ID

D.

External ID

E.

Role ARN

Question 3

The development team is building pods to host a web front end, and they want to protect these pods with an application firewall.

Which type of policy should be created to protect this pod from Layer7 attacks?

Options:

A.

The development team should create a WAAS rule for the host where these pods will be running.

B.

The development team should create a WAAS rule targeted at all resources on the host.

C.

The development team should create a runtime policy with networking protections.

D.

The development team should create a WAAS rule targeted at the image name of the pods.

Question 4

What is an automatically correlated set of individual events generated by the firewall and runtime sensors to identify unfolding attacks?

Options:

A.

policy

B.

incident

C.

audit

D.

anomaly

Question 5

The Unusual protocol activity (Internal) network anomaly is generating too many alerts. An administrator has been asked to tune it to the option that will generate the least number of events without disabling it entirely.

Which strategy should the administrator use to achieve this goal?

Options:

A.

Disable the policy

B.

Set the Alert Disposition to Conservative

C.

Change the Training Threshold to Low

D.

Set Alert Disposition to Aggressive

Question 6

Which two statements are true about the differences between build and run config policies? (Choose two.)

Options:

A.

Run and Network policies belong to the configuration policy set.

B.

Build and Audit Events policies belong to the configuration policy set.

C.

Run policies monitor resources, and check for potential issues after these cloud resources are deployed.

D.

Build policies enable you to check for security misconfigurations in the IaC templates and ensure that these issues do not get into production.

E.

Run policies monitor network activities in your environment, and check for potential issues during runtime.

Question 7

Given the following audit event activity snippet:

Which RQL will be triggered by the audit event?

A)

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 8

You are tasked with configuring a Prisma Cloud build policy for Terraform. What type of query is necessary to complete this policy?

Options:

A.

YAML

B.

JSON

C.

CloudFormation

D.

Terraform

Question 9

The Prisma Cloud administrator has configured a new policy.

Which steps should be used to assign this policy to a compliance standard?

Options:

A.

Edit the policy, go to step 3 (Compliance Standards), click + at the bottom, select the compliance standard, fill in the other boxes, and then click Confirm.

B.

Create the Compliance Standard from Compliance tab, and then select Add to Policy.

C.

Open the Compliance Standards section of the policy, and then save.

D.

Custom policies cannot be added to existing standards.

Question 10

Which two options may be used to upgrade the Defenders with a Console v20.04 and Kubernetes deployment? (Choose two.)

Options:

A.

Run the provided curl | bash script from Console to remove Defenders, and then use Cloud Discovery to automatically redeploy Defenders.

B.

Remove Defenders DaemonSet, and then use Cloud Discovery to automatically redeploy the Defenders.

C.

Remove Defenders, and then deploy the new DaemonSet so Defenders do not have to automatically update on each deployment.

D.

Let Defenders automatically upgrade.

Question 11

Given this information:

The Console is located at https://prisma-console.mydomain.local The username is: cluster

The password is: password123

The image to scan is: myimage:latest

Which twistcli command should be used to scan a Container for vulnerabilities and display the details about each vulnerability?

Options:

A.

twistcli images scan --console-address https://prisma-console.mydomain.local -u cluster -p password123 -- details myimage:latest

B.

twistcli images scan --console-address prisma-console.mydomain.local -u cluster -p password123 -- vulnerability-details myimage:latest

C.

twistcli images scan --address prisma-console.mydomain.local -u cluster -p password123 --vulnerability- details myimage:latest

D.

twistcli images scan --address https://prisma-console.mydomain.local -u cluster -p password123 --details myimage:latest

Question 12

When would a policy apply if the policy is set under Defend > Vulnerability > Images > Deployed?

Options:

A.

when a serverless repository is scanned

B.

when a Container is started form an Image

C.

when the Image is built and when a Container is started form an Image

D.

when the Image is built

Question 13

Which type of compliance check is available for rules under Defend > Compliance > Containers and Images > CI?

Options:

A.

Host

B.

Container

C.

Functions

D.

Image

Question 14

How are the following categorized?

Backdoor account access Hijacked processes Lateral movement

Port scanning

Options:

A.

audits

B.

incidents

C.

admission controllers

D.

models

Question 15

What is the maximum number of access keys a user can generate in Prisma Cloud with a System Admin role?

Options:

A.

1

B.

2

C.

3

D.

4

Question 16

A security team has been asked to create a custom policy.

Which two methods can the team use to accomplish this goal? (Choose two.)

Options:

A.

add a new policy

B.

clone an existing policy

C.

disable an out-of-the-box policy

D.

edit the query in the out-of-the-box policy

Question 17

A customer has serverless functions that are deployed in multiple clouds.

Which serverless cloud provider is covered be “overly permissive service access” compliance check?

Options:

A.

Alibaba

B.

GCP

C.

AWS

D.

Azure

Question 18

Match the correct scanning mode for each given operation.

(Select your answer from the pull-down list. Answers may be used more than once or not at all.)

Options:

Demo: 18 questions
Total 126 questions