Palo Alto Networks PCCSE Prisma Certified Cloud Security Engineer Online Training
Palo Alto Networks PCCSE Online Training
The questions for PCCSE were last updated at Nov 21,2024.
- Exam Code: PCCSE
- Exam Name: Prisma Certified Cloud Security Engineer
- Certification Provider: Palo Alto Networks
- Latest update: Nov 21,2024
An administrator needs to detect and alert on any activities performed by a root account.
Which policy type should be used?
- A . config-run
- B . config-build
- C . network
- D . audit event
One of the resources on the network has triggered an alert for a Default Config policy.
Given the following resource JSON snippet:
Which RQL detected the vulnerability?
A)
B)
C)
D)
- A . Option A
- B . Option B
- C . Option C
- D . Option D
A customer has multiple violations in the environment including:
User namespace is enabled
An LDAP server is enabled
SSH root is enabled
Which section of Console should the administrator use to review these findings?
- A . Manage
- B . Vulnerabilities
- C . Radar
- D . Compliance
A customer has serverless functions that are deployed in multiple clouds.
Which serverless cloud provider is covered be “overly permissive service access” compliance check?
- A . Alibaba
- B . GCP
- C . AWS
- D . Azure
A customer has a requirement to restrict any container from resolving the name www.evil-url.com.
How should the administrator configure Prisma Cloud Compute to satisfy this requirement?
- A . Choose “copy into rule” for any Container, set www.evil-url.com as a blocklisted DNS name in the Container policy and set the policy effect to alert.
- B . Set www.evil-url.com as a blocklisted DNS name in the default Container runtime policy, and set the effect to block.
- C . Choose “copy into rule” for any Container, set www.evil-url.com as a blocklisted DNS name, and set the effect to prevent.
- D . Set www.evil-url.com as a blocklisted DNS name in the default Container policy and set the effect to prevent.
Which API calls can scan an image named myimage: latest with twistcli and then retrieve the results from Console?
- A . $ twistcli images scan
–address <COMPUTE_CONSOLE>
–user <COMPUTER_CONSOLE_USER>
–password <COMPUTER_CONSOLE_PASSWD>
–verbose
myimage: latest - B . $ twistcli images scan
–address <COMPUTE_CONSOLE>
–user <COMPUTER_CONSOLE_USER>
–password <COMPUTER_CONSOLE_PASSWD>
–details
myimage: latest - C . $ twistcli images scan
–address <COMPUTE_CONSOLE>
–user <COMPUTER_CONSOLE_USER>
–password <COMPUTER_CONSOLE_PASSWD>
myimage: latest - D . $ twistcli images scan
–address <COMPUTE_CONSOLE>
–user <COMPUTER_CONSOLE_USER>
–password <COMPUTER_CONSOLE_PASSWD>
–console
myimage: latest
Given the following RQL:
event from cloud.audit_logs where operation IN (‘CreateCryptoKey’, ‘DestroyCryptoKeyVersion’, ‘v1.compute.disks.createSnapshot’)
Which audit event snippet is identified?
A)
B)
C)
D)
- A . Option A
- B . Option B
- C . Option C
- D . Option D
Which two of the following are required to be entered on the IdP side when setting up SSO in Prisma Cloud? (Choose two.)
- A . Username
- B . SSO Certificate
- C . Assertion Consumer Service (ACS) URL
- D . SP (Service Provider) Entity ID
An administrator sees that a runtime audit has been generated for a container.
The audit message is: “/bin/ls launched and is explicitly blocked in the runtime rule. Full command: ls -latr”
Which protection in the runtime rule would cause this audit?
- A . Networking
- B . File systems
- C . Processes
- D . Container
Latest PCCSE Dumps Valid Version with 85 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
