PCCSE Dumps PCCSE Braindumps PCCSE Real Questions PCCSE Practice Test

PCCSE Actual Questions

Palo-Alto

PCCSE

Prisma Certified Cloud Security Engineer

https://killexams.com/pass4sure/exam-detail/PCCSE

Question: 65

DRAG DROP

You wish to create a custom policy with build and run subtypes. Match the query types for each example.

(Select your answer from the pull-down list. Answers may be used more than once or not at all.)

Answer:

Question: 66

A customer has a requirement to terminate any Container from image topSecret:latest when a process named ransomWare is executed

How should the administrator configure Prisma Cloud Compute to satisfy this requirement?

1. add a new runtime policy targeted at a specific Container name, add ransomWare process into the denied process list and set the action to "prevent".

2. choose "copy into rule" for the Container add a ransomWare process into the denied process list and set the action to "block"

3. set the Container model to manual relearn and set the default runtime rule to block for process protection.

4. set the Container model to relearn and set the default runtime rule to prevent for process protection.

Answer: A

Question: 67

The security team wants to target a CMAF policy for specific running Containers How should the administrator scope the policy to target the Containers?

1. scope the policy to Image names

2. scope the policy to namespaces

3. scope the policy to Defender names.

4. scope the policy to Host names

Answer: B

Question: 68

Given an existing ECS Cluster, which option shows the steps required to install the Console in Amazon ECS?

1. Download and extract the release tarball

   Ensure that each node has it own storage for Console data Create the Console task definition

   Deploy the task definition

2. Download and extract release tarball Download task from AWS

   Create the Console task definition Deploy the task definition

3. The console cannot natively run in an ECS cluster. A onebox deployment should be used.

4. Download and extract the release tarball

Create an EPS file system and mount to each node in the cluster Create the Console task definition

Deploy the task definition

Answer: B

Question: 69

Which two statements are true about the differences between build and run config policies? (Choose two.)

1. Build and Audit Events policies belong to the configuration policy set

2. Run policies monitor resources, and check for potential issues after these cloud resources are deployed

3. Run policies monitor network activities in your environment, and check for potential issues during runtime.

4. Build policies enable you to check for security misconfigurations in the laC templates and ensure that these issues do not get into production.

5. Run and Network policies belong to the configuration policy set

Answer: A,C Question: 70 DRAG DROP

What is the order of steps to create a custom network policy?

(Drag the steps into the correct order of occurrence, from the first step to the last.)

Answer:

Question: 71

DRAG DROP

Which order of steps map a policy to a custom compliance standard?

(Drag the steps into the correct order of occurrence, from the first step to the last.)

Answer:

Question: 72

Given this information:

•. The Console is located at https//prisma-console mydomain local

•. The username is ciuser

•. The password is password123

•. The Image to scan is myimage latest

Which twistcli command should be used to scan a Container for vulnerabilities and display the details about each vulnerability?

1. twistcli images scan ―console-address https //prisma-console mydomain local -u ciuser -p password123 -details myimage latest

2. twistcli images scan ―address prisma-console mydomain local -u ciuser -p password123 -vulnerability-details myimage latest

3. twistcli images scan -address https //prisma-console mydomain local -u ciuser -p password123 -details myimage latest

4. twistcli images scan ―console-address prisma-console mydomain local -u ciuser -p password!23 -vulnerability- details myimage.latest

Answer: D

Question: 73

Which options show the steps required after upgrade of Console?

1. Update the Console image in the Twistlock hosted registry Update the Defender image in the Twistlock hosted registry Uninstall Defenders

2. Update the Console image in the Twistlock hosted registry Update the Defender image in the Twistlock hosted registry Redeploy Console

3. Upgrade Defenders Upgrade Jenkins Plugin

   Upgrade twistcli where applicable

4. Uninstall Defenders Upgrade Jenkins Plugin

Upgrade twistcli where applicable

Allow the Console to redeploy the Defender

Answer: D

Question: 74

Which "kind" of Kubernetes object that is configured to ensure that Defender is acting as the admission controller?

1. PodSecurityPolicies

2. DestinationRules

3. ValidatingWebhookConfiguration

4. MutatingWebhookConfiguration

Answer: D

Question: 75

Which component(s), if any will Palo Alto Networks host and run when a customer purchases Prisma Cloud Enterprise Edition?

1. Defenders

2. twistcli

3. Console

4. Jenkins

Answer: B Question: 76 DRAG DROP

Match the service on the right that evaluates each exposure type on the left.

(Select your answer from the pull-down list. Answers may be used more than once or not at all.)

Answer:

Question: 77

Which three types of bucket exposure are available in the Data Security module? (Choose three.)

1. Differential

2. Public

3. Conditional

4. Private

5. International

Answer: A,C,E

6$03/( 48(67,216

7KHVH TXHVWLRQV DUH IRU GHPR SXUSRVH RQO\ )XOO YHUVLRQ LV XS WR GDWH DQG FRQWDLQV DFWXDO TXHVWLRQV DQG DQVZHUV

.LOOH[DPV FRP LV DQ RQOLQH SODWIRUP WKDW RIIHUV D ZLGH UDQJH RI VHUYLFHV UHODWHG WR FHUWLILFDWLRQ H[DP SUHSDUDWLRQ 7KH SODWIRUP SURYLGHV DFWXDO TXHVWLRQV H[DP GXPSV DQG SUDFWLFH WHVWV WR KHOS LQGLYLGXDOV SUHSDUH IRU YDULRXV FHUWLILFDWLRQ H[DPV ZLWK FRQILGHQFH +HUH DUH VRPH NH\ IHDWXUHV DQG VHUYLFHV RIIHUHG E\ .LOOH[DPV FRP

$FWXDO ([DP 4XHVWLRQV .LOOH[DPV FRP SURYLGHV DFWXDO H[DP TXHVWLRQV WKDW DUH H[SHULHQFHG LQ WHVW FHQWHUV 7KHVH TXHVWLRQV DUH XSGDWHG UHJXODUO\ WR HQVXUH WKH\ DUH XS WR GDWH DQG UHOHYDQW WR WKH ODWHVW H[DP V\OODEXV %\ VWXG\LQJ WKHVH DFWXDO TXHVWLRQV FDQGLGDWHV FDQ IDPLOLDUL]H WKHPVHOYHV ZLWK WKH FRQWHQW DQG IRUPDW RI WKH UHDO H[DP

([DP 'XPSV .LOOH[DPV FRP RIIHUV H[DP GXPSV LQ 3') IRUPDW 7KHVH GXPSV FRQWDLQ D FRPSUHKHQVLYH FROOHFWLRQ RI TXHVWLRQV DQG DQVZHUV WKDW FRYHU WKH H[DP WRSLFV %\ XVLQJ WKHVH GXPSV FDQGLGDWHV FDQ HQKDQFH WKHLU NQRZOHGJH DQG LPSURYH WKHLU FKDQFHV RI VXFFHVV LQ WKH FHUWLILFDWLRQ H[DP

3UDFWLFH 7HVWV .LOOH[DPV FRP SURYLGHV SUDFWLFH WHVWV WKURXJK WKHLU GHVNWRS 9&( H[DP VLPXODWRU DQG RQOLQH WHVW HQJLQH 7KHVH SUDFWLFH WHVWV VLPXODWH WKH UHDO H[DP HQYLURQPHQW DQG KHOS FDQGLGDWHV DVVHVV WKHLU UHDGLQHVV IRU WKH DFWXDO H[DP 7KH SUDFWLFH WHVWV FRYHU D ZLGH UDQJH RI TXHVWLRQV DQG HQDEOH FDQGLGDWHV WR LGHQWLI\ WKHLU VWUHQJWKV DQG ZHDNQHVVHV

*XDUDQWHHG 6XFFHVV .LOOH[DPV FRP RIIHUV D VXFFHVV JXDUDQWHH ZLWK WKHLU H[DP GXPSV 7KH\ FODLP WKDW E\ XVLQJ WKHLU PDWHULDOV FDQGLGDWHV ZLOO SDVV WKHLU H[DPV RQ WKH ILUVW DWWHPSW RU WKH\ ZLOO UHIXQG WKH SXUFKDVH SULFH 7KLV JXDUDQWHH SURYLGHV DVVXUDQFH DQG FRQILGHQFH WR LQGLYLGXDOV SUHSDULQJ IRU FHUWLILFDWLRQ H[DPV

8SGDWHG &RQWHQW .LOOH[DPV FRP UHJXODUO\ XSGDWHV LWV TXHVWLRQ EDQN DQG H[DP GXPSV WR HQVXUH WKDW WKH\ DUH FXUUHQW DQG UHIOHFW WKH ODWHVW FKDQJHV LQ WKH H[DP V\OODEXV 7KLV KHOSV FDQGLGDWHV VWD\ XS WR GDWH ZLWK WKH H[DP FRQWHQW DQG LQFUHDVHV WKHLU FKDQFHV RI VXFFHVV

7HFKQLFDO 6XSSRUW .LOOH[DPV FRP SURYLGHV IUHH [ WHFKQLFDO VXSSRUW WR DVVLVW FDQGLGDWHV ZLWK DQ\ TXHULHV RU LVVXHV WKH\ PD\ HQFRXQWHU ZKLOH XVLQJ WKHLU VHUYLFHV 7KHLU FHUWLILHG H[SHUWV DUH DYDLODEOH WR SURYLGH JXLGDQFH DQG KHOS FDQGLGDWHV WKURXJKRXW WKHLU H[DP SUHSDUDWLRQ MRXUQH\

'PS .PSF FYBNT WJTJU IUUQT LJMMFYBNT DPN WFOEPST FYBN MJTU

.LOO \RXU H[DP DW )LUVW $WWHPSW *XDUDQWHHG