PrepAway - Latest Free Exam Questions & Answers

Category: Palo Alto Networks PCCSE

Which statement about build and run policies is true?

Which statement about build and run policies is true? A. Build policies enable you to check for security misconfigurations in the IaC templates. B. Every type of policy has auto-remediation enabled by default. C. The four main types of policies are: Audit Events, Build, Network, and Run. D. Run policies monitor network activities in the […]

A Prisma Cloud administrator is onboarding a single GCP project to Prisma Cloud.

A Prisma Cloud administrator is onboarding a single GCP project to Prisma Cloud. Which two steps can be performed by the Terraform script? (Choose two.) A. enable flow logs for Prisma Cloud. B. create the Prisma Cloud role. C. enable the required APIs for Prisma Cloud. D. publish the flow log to a storage bucket.

Which step is included when configuring Kubernetes to use Prisma Cloud Compute as an admission controller?

Which step is included when configuring Kubernetes to use Prisma Cloud Compute as an admission controller? A. copy the Console address and set the config map for the default namespace. B. create a new namespace in Kubernetes called admission-controller. C. enable Kubernetes auditing from the Defend > Access > Kubernetes page in the Console. D. […]

A customer is reviewing Container audits, and an audit has identified a cryptominer attack.

A customer is reviewing Container audits, and an audit has identified a cryptominer attack. Which three options could have generated this audit? (Choose three.) A. The value of the mined currency exceeds $100. B. High CPU usage over time for the container is detected. C. Common cryptominer process name was found. D. The mined currency […]

An administrator has deployed Console into a Kubernetes cluster running in AWS.

An administrator has deployed Console into a Kubernetes cluster running in AWS. The administrator also has configured a load balancer in TCP passthrough mode to listen on the same ports as the default Prisma Compute Console configuration. In the build pipeline, the administrator wants twistcli to talk to Console over HTTPS. Which port will twistcli […]

A customer finds that an open alert from the previous day has been resolved.

A customer finds that an open alert from the previous day has been resolved. No auto-remediation was configured. Which two reasons explain this change in alert status? (Choose two.) A. user manually changed the alert status. B. policy was changed. C. resource was deleted. D. alert was sent to an external integration. Reference: https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-alerts/prisma-cloud-alert-resolution-reasons.html

A DevOps lead reviewed some system logs and notices some odd behavior that could be a data exfiltration attemp

A DevOps lead reviewed some system logs and notices some odd behavior that could be a data exfiltration attempt. The DevOps lead only has access to vulnerability data in Prisma Cloud Compute, so the DevOps lead passes this information to SecOps. Which pages in Prisma Cloud Compute can the SecOps lead use to investigate the […]

A customer does not want alerts to be generated from network traffic that originates from trusted internal net

A customer does not want alerts to be generated from network traffic that originates from trusted internal networks. Which setting should you use to meet this customer’s request? A. Trusted Login IP Addresses B. Anomaly Trusted List C. Trusted Alert IP Addresses D. Enterprise Alert Disposition Reference: https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-alerts/trusted-ip-addresses-on-prisma-cloud.html

A security team notices a number of anomalies under Monitor > Events.

A security team notices a number of anomalies under Monitor > Events. The incident response team works with the developers to determine that these anomalies are false positives. What will be the effect if the security team chooses to Relearn on this image? A. The model is deleted, and Defender will relearn for 24 hours. B. […]


Page 1 of 212