Palo Alto Networks PCCSE Prisma Certified Cloud Security Engineer Online Training
Palo Alto Networks PCCSE Online Training
The questions for PCCSE were last updated at Nov 19,2024.
- Exam Code: PCCSE
- Exam Name: Prisma Certified Cloud Security Engineer
- Certification Provider: Palo Alto Networks
- Latest update: Nov 19,2024
An administrator has deployed Console into a Kubernetes cluster running in AWS. The administrator also has configured a load balancer in TCP passthrough mode to listen on the same ports as the default Prisma Compute Console configuration.
In the build pipeline, the administrator wants twistcli to talk to Console over HTTPS.
Which port will twistcli need to use to access the Prisma Compute APIs?
- A . 8084
- B . 443
- C . 8083
- D . 8081
A customer is reviewing Container audits, and an audit has identified a cryptominer attack.
Which three options could have generated this audit? (Choose three.)
- A . The value of the mined currency exceeds $100.
- B . High CPU usage over time for the container is detected.
- C . Common cryptominer process name was found.
- D . The mined currency is associated with a user token.
- E . Common cryptominer port usage was found.
Which step is included when configuring Kubernetes to use Prisma Cloud Compute as an admission controller?
- A . copy the Console address and set the config map for the default namespace.
- B . create a new namespace in Kubernetes called admission-controller.
- C . enable Kubernetes auditing from the Defend > Access > Kubernetes page in the Console.
- D . copy the admission controller configuration from the Console and apply it to Kubernetes.
A Prisma Cloud administrator is onboarding a single GCP project to Prisma Cloud.
Which two steps can be performed by the Terraform script? (Choose two.)
- A . enable flow logs for Prisma Cloud.
- B . create the Prisma Cloud role.
- C . enable the required APIs for Prisma Cloud.
- D . publish the flow log to a storage bucket.
Which statement about build and run policies is true?
- A . Build policies enable you to check for security misconfigurations in the IaC templates.
- B . Every type of policy has auto-remediation enabled by default.
- C . The four main types of policies are: Audit Events, Build, Network, and Run.
- D . Run policies monitor network activities in the environment and check for potential issues during runtime.
An administrator sees that a runtime audit has been generated for a host. The audit message is: “Service postfix attempted to obtain capability SHELL by executing /bin/sh /usr/libexec/postfix/postfix- script.stop. Low severity audit, event is automatically added to the runtime model”
Which runtime host policy rule is the root cause for this runtime audit?
- A . Custom rule with specific configuration for file integrity
- B . Custom rule with specific configuration for networking
- C . Default rule that alerts on capabilities
- D . Default rule that alerts on suspicious runtime behavior
Which option identifies the Prisma Cloud Compute Edition?
- A . Package installed with APT
- B . Downloadable, self-hosted software
- C . Software-as-a-Service (SaaS)
- D . Plugin to Prisma Cloud
Which type of compliance check is available for rules under Defend > Compliance > Containers and Images > CI?
- A . Host
- B . Container
- C . Functions
- D . Image
The security team wants to protect a web application container from an SQLi attack.
Which type of policy should the administrator create to protect the container?
- A . CNAF
- B . Runtime
- C . Compliance
- D . CNNF
An S3 bucket within AWS has generated an alert by violating the Prisma Cloud Default policy “AWS
S3 buckets are accessible to public”.
The policy definition follows:
config where cloud.type = ‘aws’ AND api.name=’aws-s3api-get-bucket-acl’ AND json.rule="((((acl.grants[? (@.grantee==’AllUsers’)] size > 0) or policyStatus.isPublic is true) and publicAccessBlockConfiguration does not exist) or ((acl.grants[?(@.grantee==’AllUsers’)] size > 0) and publicAccessBlockConfiguration.ignorePublicAcis is false) or (policyStatus.isPublic is true and publicAccessBlockConfiguration.restrictPublicBuckets is false)) and websiteConfiguration does not exist"
Why did this alert get generated?
- A . an event within the cloud account
- B . network traffic to the S3 bucket
- C . configuration of the S3 bucket
- D . anomalous behaviors
Latest PCCSE Dumps Valid Version with 85 Q&As
Latest And Valid Q&A | Instant Download | Once Fail, Full Refund
