Palo Alto Networks PCCSE Prisma Certified Cloud Security Engineer Online Training
Palo Alto Networks PCCSE Online Training
The questions for PCCSE were last updated at Nov 20,2024.
- Exam Code: PCCSE
- Exam Name: Prisma Certified Cloud Security Engineer
- Certification Provider: Palo Alto Networks
- Latest update: Nov 20,2024
The compliance team needs to associate Prisma Cloud policies with compliance frameworks.
Which option should the team select to perform this task?
- A . Custom Compliance
- B . Policies
- C . Compliance
- D . Alert Rules
Review this admission control policy:
match[{"msg": msg}] { input.request.operation == "CREATE" input.request.kind.kind == "Pod"
input.request.resource.resource == "pods"
input.request.object.spec.containers[_].securityContext.privileged msg := "Privileged"
}
Which response to this policy will be achieved when the effect is set to “block”?
- A . The policy will block all pods on a Privileged host.
- B . The policy will replace Defender with a privileged Defender.
- C . The policy will alert only the administrator when a privileged pod is created.
- D . The policy will block the creation of a privileged pod.
Per security requirements, an administrator needs to provide a list of people who are receiving e-mails for Prisma Cloud alerts.
Where can the administrator locate this list of e-mail recipients?
- A . Target section within an Alert Rule.
- B . Notification Template section within Alerts.
- C . Users section within Settings.
- D . Set Alert Notification section within an Alert Rule.
A customer wants to scan a serverless function as part of a build process.
Which twistcli command can be used to scan serverless functions?
- A . twistcli function scan <SERVERLESS_FUNCTION.ZIP>
- B . twistcli scan serverless <SERVERLESS_FUNCTION.ZIP>
- C . twistcli serverless AWS <SERVERLESS_FUNCTION.ZIP>
- D . twiscli serverless scan <SERVERLESS_FUNCTION.ZIP>
A customer has a development environment with 50 connected Defenders. A maintenance window is set for Monday to upgrade 30 stand-alone Defenders in the development environment, but there is no maintenance window available until Sunday to upgrade the remaining 20 stand-alone Defenders.
Which recommended action manages this situation?
- A . Go to Manage > Defender > Manage, then click Defenders, and use the Scheduler to choose which Defenders will be automatically upgraded during the maintenance window.
- B . Find a maintenance window that is suitable to upgrade all stand-alone Defenders in the development environment.
- C . Upgrade a subset of the Defenders by clicking the individual Actions > Upgrade button in the row that corresponds to the Defender that should be upgraded during the maintenance window.
- D . Open a support case with Palo Alto Networks to arrange an automatic upgrade.
What is an example of an outbound notification within Prisma Cloud?
- A . AWS Inspector
- B . Qualys
- C . Tenable
- D . PagerDuty
A security team has been asked to create a custom policy.
Which two methods can the team use to accomplish this goal? (Choose two.)
- A . add a new policy
- B . clone an existing policy
- C . disable an out-of-the-box policy
- D . edit the query in the out-of-the-box policy
The security auditors need to ensure that given compliance checks are being run on the host.
Which option is a valid host compliance policy?
- A . Ensure functions are not overly permissive.
- B . Ensure host devices are not directly exposed to containers.
- C . Ensure images are created with a non-root user.
- D . Ensure compliant Docker daemon configuration.
DRAG DROP
Match the correct scanning mode for each given operation. (Select your answer from the pull-down list. Answers may be used more than once or not at all.)
A customer wants to be notified about port scanning network activities in their environment.
Which policy type detects this behavior?
- A . Network
- B . Port Scan
- C . Anomaly
- D . Config
Latest PCCSE Dumps Valid Version with 85 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
