최신 PCCSE 무료덤프 - Palo Alto Networks Prisma Certified Cloud Security Engineer
Which report includes an executive summary and a list of policy violations, including a page with details for each policy?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
Which RQL query will help create a custom identity and access management (1AM) policy to alert on Lambda functions that have permission to terminate EC2 instances?
정답: A
What is an example of an outbound notification within Prisma Cloud?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
In Prisma Cloud for Azure Net Effective Permissions Calculation, the following Azure permission levels are supported by which three permissions? (Choose three).
정답: A,C,D
설명: (DumpTOP 회원만 볼 수 있음)
Which "kind" of Kubernetes object is configured to ensure that Defender is acting as the admission controller?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
Review this admission control policy:
match[{"msg": msg}] { input.request.operation == "CREATE" input.request.kind.kind == "Pod" input.request.resource.resource == "pods" input.request.object.spec.containers[_].securityContext.privileged msg := "Privileged"
}
Which response to this policy will be achieved when the effect is set to "block"?
match[{"msg": msg}] { input.request.operation == "CREATE" input.request.kind.kind == "Pod" input.request.resource.resource == "pods" input.request.object.spec.containers[_].securityContext.privileged msg := "Privileged"
}
Which response to this policy will be achieved when the effect is set to "block"?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
A customer has a development environment with 50 connected Defenders. A maintenance window is set for Monday to upgrade 30 stand-alone Defenders in the development environment, but there is no maintenance window available until Sunday to upgrade the remaining 20 stand-alone Defenders.
Which recommended action manages this situation?
Which recommended action manages this situation?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
Which Defender type performs registry scanning?
정답: A
설명: (DumpTOP 회원만 볼 수 있음)
Which two CI/CD plugins are supported by Prisma Cloud as part of its Code Security? (Choose two.)
정답: A,C
설명: (DumpTOP 회원만 볼 수 있음)
Which two IDE plugins are supported by Prisma Cloud as part of its DevOps Security? (Choose two.)
정답: C,D
설명: (DumpTOP 회원만 볼 수 있음)
A customer is deploying Defenders to a Fargate environment. It wants to understand the vulnerabilities in the image it is deploying.
How should the customer automate vulnerability scanning for images deployed to Fargate?
How should the customer automate vulnerability scanning for images deployed to Fargate?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
Given the following information, which twistcli command should be run if an administrator were to exec into a running container and scan it from within using an access token for authentication?
* Console is located at https://prisma-console.mydomain.local
* Token is: TOKEN_VALUE
* Report ID is: REPORTJD
* Container image running is: myimage:latest
* Console is located at https://prisma-console.mydomain.local
* Token is: TOKEN_VALUE
* Report ID is: REPORTJD
* Container image running is: myimage:latest
정답: D
설명: (DumpTOP 회원만 볼 수 있음)
Match the correct scanning mode for each given operation.
(Select your answer from the pull-down list. Answers may be used more than once or not at all.)
(Select your answer from the pull-down list. Answers may be used more than once or not at all.)
정답:
Explanation:
* Create SNS Topic Triggers: No data security scan
* Select an S3 bucket: Forward Scan only
* Select an S3 bucket with existing files: Forward or Backward Scan
* Link an S3 logging to CloudTrail: Backward Scan only
The scanning mode for Data Security in AWS typically depends on the configuration and the desired outcomes for monitoring and protecting data within S3 buckets.
Creating SNS Topic Triggers is a configuration step that does not directly involve scanning. It is part of setting up notifications for events in S3 buckets, but on its own, it does not initiate a data security scan.
Selecting an S3 bucket without specifying existing files typically implies that you intend to scan new objects as they are added to the bucket, which is known as a Forward Scan. This mode is proactive and scans files upon their arrival in the bucket.
When you select an S3 bucket with existing files, you can perform either Forward Scanning for new files or Backward Scanning to scan all existing files in the bucket. This option provides the most comprehensive scanning coverage for both new and existing data.
Linking an S3 logging to CloudTrail is usually a step taken to monitor access and changes to S3 resources. In the context of scanning, linking S3 to CloudTrail does not initiate a scan, but the CloudTrail logs can be used to trigger a Backward Scan if configured to do so, which scans historical files in the bucket based on CloudTrail events.
A customer has a requirement to terminate any Container from image topSecret:latest when a process named ransomWare is executed.
How should the administrator configure Prisma Cloud Compute to satisfy this requirement?
How should the administrator configure Prisma Cloud Compute to satisfy this requirement?
정답: B
설명: (DumpTOP 회원만 볼 수 있음)
On which cloud service providers can new API release information for Prisma Cloud be received?
정답: D
설명: (DumpTOP 회원만 볼 수 있음)