PCCSE

A customer has multiple violations in the environment including: User namespace is enabled An LDAP server is enabled SSH root is enabled Which section of Console should the administrator use to review these findings?A . ManageB . VulnerabilitiesC . RadarD . ComplianceView AnswerAnswer: A

Which options show the steps required after upgrade of Console?A . Uninstall Defenders Upgrade Jenkins Plugin Upgrade twistcli where applicable Allow the Console to redeploy the DefenderB . Update the Console image in the Twistlock hosted registry Update the Defender image in the Twistlock hosted registry Uninstall DefendersC . Upgrade...

The security auditors need to ensure that given compliance checks are being run on the host . Which option is a valid host compliance policy?A . Ensure functions are not overly permissive.B . Ensure host devices are not directly exposed to containers.C . Ensure images are created with a non-root...

A security team has a requirement to ensure the environment is scanned for vulnerabilities . What are three options for configuring vulnerability policies? (Choose three.)A . individual actions based on package typeB . output verbosity for blocked requestsC . apply policy only when vendor fix is availableD . individual grace...

An administrator sees that a runtime audit has been generated for a host. The audit message is: “Service postfix attempted to obtain capability SHELL by executing /bin/sh /usr/libexec/postfix/postfix-script.stop. Low severity audit, event is automatically added to the runtime model” Which runtime host policy rule is the root cause for this...

A customer does not want alerts to be generated from network traffic that originates from trusted internal networks. Which setting should you use to meet this customer’s request?A . Trusted Login IP AddressesB . Anomaly Trusted ListC . Trusted Alert IP AddressesD . Enterprise Alert DispositionView AnswerAnswer: C Explanation: Reference:...

Which three steps are involved in onboarding an account for Data Security? (Choose three.)A . Create a read-only role with in-line policiesB . Create a Cloudtrail with SNS TopicC . Enable Flow LogsD . Enter the RoleARN and SNSARNE . Create a S3 bucketView AnswerAnswer: B,C,E

Which API calls can scan an image named myimage: latest with twistcli and then retrieve the results from Console?A . $ twistcli images scan --address <COMPUTE_CONSOLE> --user <COMPUTER_CONSOLE_USER> --password <COMPUTER_CONSOLE_PASSWD> --verbose myimage: latestB . $ twistcli images scan --address <COMPUTE_CONSOLE> --user <COMPUTER_CONSOLE_USER> ...

Which container scan is constructed correctly?A . twistcli images scan -u api -p api --address https://us-west1.cloud.twistlock.com/us-3-123456789 -- container myimage/latestB . twistcli images scan --docker-address https://us-west1.cloud.twistlock.com/us-3-123456789 myimage/latestC . twistcli images scan -u api -p api --address https://us-west1.cloud.twistlock.com/us-3-123456789 --details myimage/latestD . twistcli images scan -u api -p api --docker-address https://us-west1.cloud.twistlock.com/us-3-123456789 myimage/latestView AnswerAnswer:...

Console is running in a Kubernetes cluster, and you need to deploy Defenders on nodes within this cluster. Which option shows the steps to deploy the Defenders in Kubernetes using the default Console service name?A . From the deployment page in Console, choose pod name for Console identifier, generate DaemonSet...