Palo Alto Networks PCCSE - Prisma Certified Cloud Security Engineer Exam

Page:    1 / 51   
Total 252 questions

Given a default deployment of Console, a customer needs to identify the alerted compliance checks that are set by default.
Where should the customer navigate in Console?

  • A. Monitor > Compliance
  • B. Defend > Compliance
  • C. Manage > Compliance
  • D. Custom > Compliance


Answer : B

Which container scan is constructed correctly?

  • A. twistcli images scan -u api -p api --address https://us-west1.cloud.twistlock.com/us-3-123456789 --container myimage/latest
  • B. twistcli images scan --docker-address https://us-west1.cloud.twistlock.com/us-3-123456789 myimage/latest
  • C. twistcli images scan -u api -p api --address https://us-west1.cloud.twistlock.com/us-3-123456789 --details myimage/latest
  • D. twistcli images scan -u api -p api --docker-address https://us-west1.cloud.twistlock.com/us-3-123456789 myimage/latest


Answer : C

The development team wants to fail CI jobs where a specific CVE is contained within the image.
How should the development team configure the pipeline or policy to produce this outcome?

  • A. Set the specific CVE exception as an option in Jenkins or twistcli.
  • B. Set the specific CVE exception as an option in Defender running the scan.
  • C. Set the specific CVE exception as an option using the magic string in the Console.
  • D. Set the specific CVE exception in Consoleג€™s CI policy.


Answer : D

Which three types of classifications are available in the Data Security module? (Choose three.)

  • A. Personally identifiable information
  • B. Malicious IP
  • C. Compliance standard
  • D. Financial information
  • E. Malware


Answer : ADE

A customer has a requirement to terminate any Container from image topSecret:latest when a process named ransomWare is executed.
How should the administrator configure Prisma Cloud Compute to satisfy this requirement?

  • A. set the Container model to manual relearn and set the default runtime rule to block for process protection.
  • B. set the Container model to relearn and set the default runtime rule to prevent for process protection.
  • C. add a new runtime policy targeted at a specific Container name, add ransomWare process into the denied process list, and set the action to ג€preventג€.
  • D. choose ג€copy into ruleג€ for the Container, add a ransomWare process into the denied process list, and set the action to ג€blockג€.


Answer : C

Page:    1 / 51   
Total 252 questions