New Year Special Limited Time Flat 70% Discount offer - Ends in 0d 00h 00m 00s - Coupon code: 70spcl

Paloalto Networks PCCSE Prisma Certified Cloud Security Engineer Exam Practice Test

Page: 1 / 26
Total 260 questions

Prisma Certified Cloud Security Engineer Questions and Answers

Question 1

What improves product operationalization by adding visibility into feature utilization and missed opportunities?

Options:

A.

Adoption Advisor

B.

Alarm Advisor

C.

Alert Center

D.

Alarm Center

Question 2

Prisma Cloud supports which three external systems that allow the import of vulnerabilities and provide additional context on risks in the cloud? (Choose three.)

Options:

A.

Splunk

B.

Qualys

C.

Amazon Inspector

D.

Amazon GuardDuty

E.

ServiceNow

Question 3

An administrator sees that a runtime audit has been generated for a host. The audit message is:

“Service postfix attempted to obtain capability SHELL by executing /bin/sh /usr/libexec/postfix/postfix- script.stop. Low severity audit, event is automatically added to the runtime model”

Which runtime host policy rule is the root cause for this runtime audit?

Options:

A.

Custom rule with specific configuration for file integrity

B.

Custom rule with specific configuration for networking

C.

Default rule that alerts on capabilities

D.

Default rule that alerts on suspicious runtime behavior

Question 4

What are the three states of the Container Runtime Model? (Choose three.)

Options:

A.

Initiating

B.

Learning

C.

Active

D.

Running

E.

Archived

Question 5

Which two proper agentless scanning modes are supported with Prisma Cloud? (Choose two).

Options:

A.

Spoke Account Mode

B.

Hub Account Mode

C.

Same Account Mode

D.

Main Account Mode

Question 6

How is the scope of each rule determined in the Prisma Cloud Compute host runtime policy?

Options:

A.

By the collection assigned to that rule

B.

By the target workload

C.

By the order in which it is created

D.

By the type of network traffic it controls

Question 7

The exclamation mark on the resource explorer page would represent?

Options:

A.

resource has been deleted

B.

the resource was modified recently

C.

resource has alerts

D.

resource has compliance violation

Question 8

One of the resources on the network has triggered an alert for a Default Config policy.

Given the following resource JSON snippet:

Which RQL detected the vulnerability?

A)

Question # 8

B)

C)

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 9

Which of the following is a reason for alert dismissal?

Options:

A.

SNOOZED_AUTO_CLOSE

B.

ALERT_RULE_ADDED

C.

POLICY_UPDATED

D.

USER_DELETED

Question 10

The InfoSec team wants to be notified via email each time a Security Group is misconfigured. Which Prisma Cloud tab should you choose to complete this request?

Options:

A.

Notifications

B.

Policies

C.

Alert Rules

D.

Events

Question 11

Taking which action will automatically enable all severity levels?

Options:

A.

Navigate to Settings > Enterprise Settings and enable all severity levels in the alarm center.

B.

Navigate to Policies > Settings and enable all severity levels in the alarm center.

C.

Navigate to Settings > Enterprise Settings and ensure all severity levels are checked under "auto-enable default policies.

D.

Navigate to Policies > Settings and ensure all severity levels are checked under "auto-enable default policies.

Question 12

Web-Application and API Security (WAAS) provides protection for which two protocols? (Choose two.)

Options:

A.

HTTP

B.

SSH

C.

Tomcat Web Connector via AJP

D.

TLS

Question 13

An administrator sees that a runtime audit has been generated for a container.

The audit message is:

“/bin/ls launched and is explicitly blocked in the runtime rule. Full command: ls -latr”

Which protection in the runtime rule would cause this audit?

Options:

A.

Networking

B.

File systems

C.

Processes

D.

Container

Question 14

A security team notices a number of anomalies under Monitor > Events. The incident response team works with the developers to determine that these anomalies are false positives.

What will be the effect if the security team chooses to Relearn on this image?

Options:

A.

The model is deleted, and Defender will relearn for 24 hours.

B.

The anomalies detected will automatically be added to the model.

C.

The model is deleted and returns to the initial learning state.

D.

The model is retained, and any new behavior observed during the new learning period will be added to the existing model.

Question 15

Which of the following is not a supported external integration for receiving Prisma Cloud Code Security notifications?

Options:

A.

Splunk

B.

Cortex XSOAR

C.

Microsoft Teams

D.

ServiceNow

Question 16

Which three actions are required in order to use the automated method within Azure Cloud to streamline the process of using remediation in the identity and access management (IAM) module? (Choose three.)

Options:

A.

Install boto3 & requests library.

B.

Configure IAM Azure remediation script.

C.

Integrate with Azure Service Bus.

D.

Configure IAM AWS remediation script.

E.

Install azure.servicebus & requests library.

Question 17

The security team wants to enable the “block” option under compliance checks on the host.

What effect will this option have if it violates the compliance check?

Options:

A.

The host will be taken offline.

B.

Additional hosts will be prevented form starting.

C.

Containers on a host will be stopped.

D.

No containers will be allowed to start on that host.

Question 18

A Prisma Cloud administrator is tasked with pulling a report via API. The Prisma Cloud tenant is located on app2.prismacloud.io.

What is the correct API endpoint?

Options:

A.

https://api.prismacloud.io

B.

https://api2.eu.prismacloud.io

C.

httsp://api.prismacloud.cn

D.

https://api2.prismacloud.io

Question 19

An administrator has been tasked with a requirement by your DevSecOps team to write a script to continuously query programmatically the existing users, and the user’s associated permission levels, in a Prisma Cloud Enterprise tenant.

Which public documentation location should be reviewed to help determine the required attributes to carry out this step?

Options:

A.

Prisma Cloud Administrator’s Guide (Compute)

B.

Prisma Cloud API Reference

C.

Prisma Cloud Compute API Reference

D.

Prisma Cloud Enterprise Administrator’s Guide

Question 20

Creation of a new custom compliance standard that is based on other individual custom compliance standards needs to be automated.

Assuming the necessary data from other standards has been collected, which API order should be used for this new compliance standard?

Options:

A.

1) https://api.prismacloud.io/compliance/add

2) https://api.prismacloud.io/compliance/requirementld/section

3) https://api.prismacloud.io/compliance/complianceld/requirement

B.

1) https://api.prismacloud.io/compliance

2) https://api.prismacloud.io/compliance/complianceld/requirement

3) https://api.prismacloud.io/compliance/requirementld/section

C.

1) https://api.prismacloud.io/compliance/add

2) https://api.prismacloud.io/compliance/complianceld/requirement

3) https://api.prismacloud.io/compliance/requirementld/section

D.

1) https://api.prismacloud.io/compliance

2) https://api.prismacloud.io/compliance/requirementld/section

3) https://api.prismacloud.io/compliance/complianceld/requirement

Question 21

Prisma Cloud Compute has been installed on Onebox. After Prisma Cloud Console has been accessed. Defender is disconnected and keeps returning the error "No console connectivity" in the logs.

What could be causing the disconnection between Console and Defender in this scenario?

Options:

A.

Port 8083 is not open for Console and Defender communication.

B.

The license key provided to the Console is invalid.

C.

Port 8084 is not open for Console and Defender communication.

D.

Onebox script installed an older version of the Defender.

Question 22

The security auditors need to ensure that given compliance checks are being run on the host. Which option is a valid host compliance policy?

Options:

A.

Ensure functions are not overly permissive.

B.

Ensure host devices are not directly exposed to containers.

C.

Ensure images are created with a non-root user.

D.

Ensure compliant Docker daemon configuration.

Question 23

Given the following information, which twistcli command should be run if an administrator were to exec into a running container and scan it from within using an access token for authentication?

• Console is located at https://prisma-console.mydomain.local

• Token is: TOKEN_VALUE

• Report ID is: REPORTJD

• Container image running is: myimage:latest

Options:

A.

twistcli images scan --address https://prisma-console.mydomain.local —token TOKENVALUE —containerized —details myimage:latest

B.

twistcli images scan —console-address https://prisma-console.mydomain.local —auth-token MY_TOKEN —local-scan —details myimage:latest

C.

twistcli images scan —address https://prisma-console.mydomain.local —token TOKEN_VALUE —containerized --details REPORT_ID

D.

twistcli images scan --console-address https://prisma-console.mydomain.local --auth-token TOKEN_VALUE —containerized —vulnerability-details REPORT_ID

Question 24

A security team has a requirement to ensure the environment is scanned for vulnerabilities. What are three options for configuring vulnerability policies? (Choose three.)

Options:

A.

individual actions based on package type

B.

output verbosity for blocked requests

C.

apply policy only when vendor fix is available

D.

individual grace periods for each severity level

E.

customize message on blocked requests

Question 25

What happens when a role is deleted in Prisma Cloud?

Options:

A.

The access key associated with that role is automatically deleted.

B.

Any integrations that use the access key to make calls to Prisma Cloud will stop working.

C.

The users associated with that role will be deleted.

D.

Any user who uses that key will be deleted.

Question 26

Which two information types cannot be seen in the data security dashboard? (Choose two).

Options:

A.

Bucket owner

B.

Object Data Profile by Region

C.

Top Publicly Exposed Objects By Data Profile

D.

Object content

E.

Total objects

Question 27

A user from an organization is unable to log in to Prisma Cloud Console after having logged in the previous day.

Which area on the Console will provide input on this issue?

Options:

A.

SSO

B.

Audit Logs

C.

Users & Groups

D.

Access Control

Question 28

Which two bot categories belong to unknown bots under Web-Application and API Security (WAAS) bot protection? (Choose two.)

Options:

A.

News bots

B.

Search engine crawlers

C.

Web scrapers

D.

HTTP libraries

Question 29

Move the steps to the correct order to set up and execute a serverless scan using AWS DevOps.

Question # 29

Options:

Question 30

In Azure, what permissions need to be added to Management Groups to allow Prisma Cloud to calculate net effective permissions?

Options:

A.

Microsoft.Management/managementGroups/descendants/read

B.

Microsoft.Management/managementGroups/descendants/calculate

C.

PaloAltoNetworks.PrismaCloud/managementGroups/descendants/read

D.

PaloAltoNetworks.PrismaCloud/managementGroups/

Question 31

Which two offerings will scan container images in Jenkins pipelines? (Choose two.)

Options:

A.

Compute Azure DevOps plugin

B.

Prisma Cloud Visual Studio Code plugin with Jenkins integration

C.

Jenkins Docker plugin

D.

Twistcli

E.

Compute Jenkins plugin

Question 32

Which two integrations enable ingesting host findings to generate alerts? (Choose two.)

Options:

A.

Splunk

B.

Tenable

C.

JIRA

D.

Qualys

Question 33

The attempted bytes count displays?

Options:

A.

traffic that is either denied by the security group or firewall rules or traffic that was reset by a host or virtual machine that received the packet and responded with a RST packet.

B.

traffic that is either denied by the security group or firewall rules.

C.

traffic that is either denied by the firewall rules or traffic that was reset by a host or virtual machine that received the packet and responded with a RST packet.

D.

traffic denied by the security group or traffic that was reset by a host or virtual machine that received the packet and responded with a RST packet.

Question 34

What is the order of steps in a Jenkins pipeline scan?

(Drag the steps into the correct order of occurrence, from the first step to the last.)

Options:

Question 35

Which type of compliance check is available for rules under Defend > Compliance > Containers and Images > CI?

Options:

A.

Host

B.

Container

C.

Functions

D.

Image

Question 36

Which three steps are involved in onboarding an account for Data Security? (Choose three.)

Options:

A.

Create a read-only role with in-line policies

B.

Create a Cloudtrail with SNS Topic

C.

Enable Flow Logs

D.

Enter the RoleARN and SNSARN

E.

Create a S3 bucket

Question 37

What is the primary purpose of Prisma Cloud Code Security?

Options:

A.

To provide a platform for developers to create custom security policies for applications

B.

To triage alerts and incidents in realtime during deployment

C.

To address cloud infrastructure misconfigurations in code before they become alerts or incidents

D.

To offer instant feedback on application performance issues and bottlenecks

Question 38

Given this information:

The Console is located at https://prisma-console.mydomain.local The username is: cluster

The password is: password123

The image to scan is: myimage:latest

Which twistcli command should be used to scan a Container for vulnerabilities and display the details about each vulnerability?

Options:

A.

twistcli images scan --console-address https://prisma-console.mydomain.local -u cluster -p password123 -- details myimage:latest

B.

twistcli images scan --console-address prisma-console.mydomain.local -u cluster -p password123 -- vulnerability-details myimage:latest

C.

twistcli images scan --address prisma-console.mydomain.local -u cluster -p password123 --vulnerability- details myimage:latest

D.

twistcli images scan --address https://prisma-console.mydomain.local -u cluster -p password123 --details myimage:latest

Question 39

Which step is included when configuring Kubernetes to use Prisma Cloud Compute as an admission controller?

Options:

A.

copy the Console address and set the config map for the default namespace.

B.

create a new namespace in Kubernetes called admission-controller.

C.

enable Kubernetes auditing from the Defend > Access > Kubernetes page in the Console.

D.

copy the admission controller configuration from the Console and apply it to Kubernetes.

Question 40

Which three elements are part of SSH Events in Host Observations? (Choose three.)

Options:

A.

Startup process

B.

User

C.

System calls

D.

Process path

E.

Command

Question 41

Which command should be used in the Prisma Cloud twistcli tool to scan the nginx:latest image for vulnerabilities and compliance issues?

A)

B)

Question # 41

C)

Question # 41

D)

Options:

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Question 42

Which two filters are available in the SecOps dashboard? (Choose two.)

Options:

A.

Time range

B.

Account Groups

C.

Service Name

D.

Cloud Region

Question 43

Which action would be applicable after enabling anomalous compute provisioning?

Options:

A.

It detects the activity caused by the spambot.

B.

It detects unusual server port activity or unusual protocol activity from a client within or outside the cloud environment.

C.

It detects potential creation of an unauthorized network of compute instances with AutoFocus.

D.

It detects potential creation of an unauthorized network of compute instances either accidentally or for cryptojacking.

Question 44

How does assigning an account group to an administrative user on Prisma Cloud help restrict access to resources?

Options:

A.

It restricts access only to certain types of resources within the cloud account.

B.

It restricts access to all resources and data within the cloud account.

C.

It restricts access only to the resources and data that pertains to the cloud account(s) within an account group.

D.

It does not restrict access to any resources within the cloud account.

Question 45

What is the behavior of Defenders when the Console is unreachable during upgrades?

Options:

A.

Defenders continue to alert, but not enforce, using the policies and settings most recently cached before upgrading the Console.

B.

Defenders will fail closed until the web-socket can be re-established.

C.

Defenders will fail open until the web-socket can be re-established.

D.

Defenders continue to alert and enforce using the policies and settings most recently cached before upgrading the Console.

Question 46

Which categories does the Adoption Advisor use to measure adoption progress for Cloud Security Posture Management?

Options:

A.

Visibility, Compliance, Governance, and Threat Detection and Response

B.

Network, Anomaly, and Audit Event

C.

Visibility, Security, and Compliance

D.

Foundations, Advanced, and Optimize

Question 47

A customer wants to harden its environment from misconfiguration.

Prisma Cloud Compute Compliance enforcement for hosts covers which three options? (Choose three.)

Options:

A.

Docker daemon configuration files

B.

Docker daemon configuration

C.

Host cloud provider tags

D.

Host configuration

E.

Hosts without Defender agents

Question 48

A customer has a development environment with 50 connected Defenders. A maintenance window is set for Monday to upgrade 30 stand-alone Defenders in the development environment, but there is no maintenance window available until Sunday to upgrade the remaining 20 stand-alone Defenders.

Which recommended action manages this situation?

Options:

A.

Go to Manage > Defender > Manage, then click Defenders, and use the Scheduler to choose which Defenders will be automatically upgraded during the maintenance window.

B.

Find a maintenance window that is suitable to upgrade all stand-alone Defenders in the development environment.

C.

Upgrade a subset of the Defenders by clicking the individual Actions > Upgrade button in the row that corresponds to the Defender that should be upgraded during the maintenance window.

D.

Open a support case with Palo Alto Networks to arrange an automatic upgrade.

Question 49

Which options show the steps required after upgrade of Console?

Options:

A.

Uninstall Defenders Upgrade Jenkins Plugin

Upgrade twistcli where applicable

Allow the Console to redeploy the Defender

B.

Update the Console image in the Twistlock hosted registry Update the Defender image in the Twistlock hosted registry Uninstall Defenders

C.

Upgrade Defenders Upgrade Jenkins Plugin Upgrade twistcli where applicable

D.

Update the Console image in the Twistlock hosted registry Update the Defender image in the Twistlock hosted registry Redeploy Console

Question 50

What are two alarm types that are registered after alarms are enabled? (Choose two.)

Options:

A.

Onboarded Cloud Accounts status

B.

Resource status

C.

Compute resources

D.

External integrations status

Question 51

If you are required to run in an air-gapped environment, which product should you install?

Options:

A.

Prisma Cloud Jenkins Plugin

B.

Prisma Cloud Compute Edition

C.

Prisma Cloud with self-hosted plugin

D.

Prisma Cloud Enterprise Edition

Question 52

When would a policy apply if the policy is set under Defend > Vulnerability > Images > Deployed?

Options:

A.

when a serverless repository is scanned

B.

when a Container is started form an Image

C.

when the Image is built and when a Container is started form an Image

D.

when the Image is built

Question 53

Which field is required during the creation of a custom config query?

Options:

A.

resource status

B.

api.name

C.

finding.type

D.

cloud.type

Question 54

What is the default namespace created by Defender DaemonSet during deployment?

Options:

A.

Redlock

B.

Defender

C.

Twistlock

D.

Default

Question 55

What are two key requirements for integrating Okta with Prisma Cloud when multiple Amazon Web Services (AWS) cloud accounts are being used? (Choose two.)

Options:

A.

Super Administrator permissions

B.

A valid subscription for the IAM security module

C.

An Okta API token for the primary AWS account

D.

Multiple instances of the Okta app

Question 56

Which statement applies to Adoption Advisor?

Options:

A.

It helps adopt security capabilities at a fixed pace regardless of the organization's needs.

B.

It only provides guidance during the deploy phase of the application lifecycle.

C.

It is only available for organizations that have completed the cloud adoption journey.

D.

It includes security capabilities from subscriptions for CSPM, CWP, CCS, OEM, and Data Security.

Question 57

Which option identifies the Prisma Cloud Compute Edition?

Options:

A.

Package installed with APT

B.

Downloadable, self-hosted software

C.

Software-as-a-Service (SaaS)

D.

Plugin to Prisma Cloud

Question 58

Which Prisma Cloud policy type can protect against malware?

Options:

A.

Event

B.

Network

C.

Config

D.

Data

Question 59

An organization wants to be notified immediately to any “High Severity” alerts for the account group “Clinical Trials” via Slack.

Which option shows the steps the organization can use to achieve this goal?

Options:

A.

1. Configure Slack Integration

2.Create an alert rule and select “Clinical Trials” as the account group

3.Under the “Select Policies” tab, filter on severity and select “High”

4.Under the Set Alert Notification tab, choose Slack and populate the channel

5.Set Frequency to “As it Happens”

B.

1. Create an alert rule and select “Clinical Trials” as the account group

2.Under the “Select Policies” tab, filter on severity and select “High”

3.Under the Set Alert Notification tab, choose Slack and populate the channel

4.Set Frequency to “As it Happens”

5.Set up the Slack Integration to complete the configuration

C.

1. Configure Slack Integration

2.Create an alert rule

3.Under the “Select Policies” tab, filter on severity and select “High”

4.Under the Set Alert Notification tab, choose Slack and populate the channel

5.Set Frequency to “As it Happens”

D.

1. Under the “Select Policies” tab, filter on severity and select “High”

2.Under the Set Alert Notification tab, choose Slack and populate the channel

3.Set Frequency to “As it Happens”

4.Configure Slack Integration

5.Create an Alert rule

Question 60

An administrator has access to a Prisma Cloud Enterprise.

What are the steps to deploy a single container Defender on an ec2 node?

Options:

A.

Pull the Defender image to the ec2 node, copy and execute the curl | bash script, and start the Defender to ensure it is running.

B.

Execute the curl | bash script on the ec2 node.

C.

Configure the cloud credential in the console and allow cloud discovery to auto-protect the ec2 node.

D.

Generate DaemonSet file and apply DaemonSet to the twistlock namespace.

Question 61

Which Defender type performs registry scanning?

Options:

A.

Serverless

B.

Container

C.

Host

D.

RASP

Question 62

Which of the below actions would indicate – “The timestamp on the compliance dashboard?

Options:

A.

indicates the most recent data

B.

indicates the most recent alert generated

C.

indicates when the data was ingested

D.

indicates when the data was aggregated for the results displayed

Question 63

Which statement is true about obtaining Console images for Prisma Cloud Compute Edition?

Options:

A.

To retrieve Prisma Cloud Console images using basic auth:

1.Access registry.paloaltonetworks.com, and authenticate using ‘docker login’.

2.Retrieve the Prisma Cloud Console images using ‘docker pull’.

B.

To retrieve Prisma Cloud Console images using basic auth:

1.Access registry.twistlock.com, and authenticate using ‘docker login’.

2.Retrieve the Prisma Cloud Console images using ‘docker pull’.

C.

To retrieve Prisma Cloud Console images using URL auth:

1.Access registry-url-auth.twistlock.com, and authenticate using the user certificate.

2.Retrieve the Prisma Cloud Console images using ‘docker pull’.

D.

To retrieve Prisma Cloud Console images using URL auth:

1.Access registry-auth.twistlock.com, and authenticate using the user certificate.

2.Retrieve the Prisma Cloud Console images using ‘docker pull’.

Question 64

What are two ways to scan container images in Jenkins pipelines? (Choose two.)

Options:

A.

twistcli

B.

Jenkins Docker plugin

C.

Compute Jenkins plugin

D.

Compute Azure DevOps plugin

E.

Prisma Cloud Visual Studio Code plugin with Jenkins integration

Question 65

Which two attributes of policies can be fetched using API? (Choose two.)

Options:

A.

policy label

B.

policy signature

C.

policy mode

D.

policy violation

Question 66

A customer wants to be notified about port scanning network activities in their environment. Which policy type detects this behavior?

Options:

A.

Network

B.

Port Scan

C.

Anomaly

D.

Config

Question 67

Which statement about build and run policies is true?

Options:

A.

Build policies enable you to check for security misconfigurations in the IaC templates.

B.

Every type of policy has auto-remediation enabled by default.

C.

The four main types of policies are: Audit Events, Build, Network, and Run.

D.

Run policies monitor network activities in the environment and check for potential issues during runtime.

Question 68

The security team wants to protect a web application container from an SQLi attack. Which type of policy should the administrator create to protect the container?

Options:

A.

CNAF

B.

Runtime

C.

Compliance

D.

CNNF

Question 69

Which RQL query will help create a custom identity and access management (1AM) policy to alert on Lambda functions that have permission to terminate EC2 instances?

Options:

A.

iam from cloud.resource where dest.cloud.type = ’AWS’ AND source.cloud.service.name = ’lambda’ AND source.cloud.resource.type = ’function’ AND dest.cloud.service.name = ’ec2’ AND action.name = ’ec2:TerminateInstances’

B.

config from iam where dest.cloud.type = ’AWS’ AND source.cloud.service.name = ’ec2’ AND source.cloud.resource.type = ’instance’ AND dest.cloud.service.name = ’lambda’ AND action.name = ’ec2:TerminateInstances’

C.

iam from cloud.resource where cloud.type equals ’AWS’ AND cloud.resource.type equals ’lambda function’ AND cloud.service.name = ’ec2’ AND action.name equals ’ec2:TerminateInstances’

D.

config from iam where dest.cloud.type = ’AWS’ AND source.cloud.service.name = ’lambda’ AND source.cloud.resource.type = ’function’ AND dest.cloud.service.name = ’ec2’ AND action.name = ’ec2:TerminateInstances’

Question 70

A customer has configured the JIT, and the user created by the process is trying to log in to the Prisma Cloud console. The user encounters the following error message:

What is the reason for the error message?

Options:

A.

The attribute name is not set correctly in JIT settings.

B.

The user does not exist.

C.

The user entered an incorrect password

D.

The role is not assigned for the user.

Question 71

Which order of steps map a policy to a custom compliance standard?

(Drag the steps into the correct order of occurrence, from the first step to the last.)

Question # 71

Options:

Question 72

What must be created in order to receive notifications about alerts generated when the operator is away from the Prisma Cloud Console?

Options:

A.

Alarm rule

B.

Notification rule

C.

Alert rule

D.

Offline alert

Question 73

What is required for Prisma Cloud to successfully execute auto-remediation commands?

Options:

A.

Read access to the cloud platform

B.

Write access to the cloud platform

C.

Access to the cloud platform only for Azure

D.

Prisma Cloud requires no access to the cloud platform

Question 74

Put the steps of integrating Okta with Prisma Cloud in the right order in relation to CIEM or SSO okra integration.

Question # 74

Options:

Question 75

The administrator wants to review the Console audit logs from within the Console.

Which page in the Console should the administrator use to review this data, if it can be reviewed at all?

Options:

A.

Navigate to Monitor > Events > Host Log Inspection

B.

The audit logs can be viewed only externally to the Console

C.

Navigate to Manage > Defenders > View Logs

D.

Navigate to Manage > View Logs > History

Question 76

Which component(s), if any, will Palo Alto Networks host and run when a customer purchases Prisma Cloud Enterprise Edition?

Options:

A.

Defenders

B.

Console

C.

Jenkins

D.

twistcli

Question 77

A customer finds that an open alert from the previous day has been resolved. No auto-remediation was configured.

Which two reasons explain this change in alert status? (Choose two.)

Options:

A.

user manually changed the alert status.

B.

policy was changed.

C.

resource was deleted.

D.

alert was sent to an external integration.

Question 78

Which two CI/CD plugins are supported by Prisma Cloud as part of its DevOps Security? (Choose two.).

Options:

A.

BitBucket

B.

Visual Studio Code

C.

CircleCI

D.

IntelliJ

Page: 1 / 26
Total 260 questions