- All Exams Instant Download
Which API calls can scan an image named myimage: latest with twistcli and then retrieve the results from Console?
Which API calls can scan an image named myimage: latest with twistcli and then retrieve the results from Console?A . $ twistcli images scan --address <COMPUTE_CONSOLE> --user <COMPUTER_CONSOLE_USER> --password <COMPUTER_CONSOLE_PASSWD> --verbose myimage: latestB . $ twistcli images scan --address <COMPUTE_CONSOLE> --user <COMPUTER_CONSOLE_USER> ...
Which two pieces of information do you need to onboard this account?
A customer wants to monitor the company’s AWS accounts via Prisma Cloud, but only needs the resource configuration to be monitored for now. Which two pieces of information do you need to onboard this account? (Choose two.)A . CloudtrailB . Subscription IDC . Active Directory IDD . External IDE ....
Which public documentation location should be reviewed to help determine the required attributes to carry out this step?
An administrator has been tasked with a requirement by your DevSecOps team to write a script to continuously query programmatically the existing users, and the user’s associated permission levels, in a Prisma Cloud Enterprise tenant. Which public documentation location should be reviewed to help determine the required attributes to carry...
What are three options for configuring vulnerability policies?
A security team has a requirement to ensure the environment is scanned for vulnerabilities . What are three options for configuring vulnerability policies? (Choose three.)A . individual actions based on package typeB . output verbosity for blocked requestsC . apply policy only when vendor fix is availableD . individual grace...
Which port should the team specify in the CNAF rule to protect the application?
A security team is deploying Cloud Native Application Firewall (CNAF) on a containerized web application. The application is running an NGINX container. The container is listening on port 8080 and is mapped to host port 80. Which port should the team specify in the CNAF rule to protect the application?A...
What is an automatically correlated set of individual events generated by the firewall and runtime sensors to identify unfolding attacks?
What is an automatically correlated set of individual events generated by the firewall and runtime sensors to identify unfolding attacks?A . policyB . incidentC . auditD . anomalyView AnswerAnswer: B Explanation: Reference: https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/runtime_defense/incident_explorer.html
Which option is a valid host compliance policy?
The security auditors need to ensure that given compliance checks are being run on the host . Which option is a valid host compliance policy?A . Ensure functions are not overly permissive.B . Ensure host devices are not directly exposed to containers.C . Ensure images are created with a non-root...
How are the following categorized?
How are the following categorized? Backdoor account access Hijacked processes Lateral movement Port scanningA . auditsB . incidentsC . admission controllersD . modelsView AnswerAnswer: B
Which three steps are involved in onboarding an account for Data Security? (Choose three.)
Which three steps are involved in onboarding an account for Data Security? (Choose three.)A . Create a read-only role with in-line policiesB . Create a Cloudtrail with SNS TopicC . Enable Flow LogsD . Enter the RoleARN and SNSARNE . Create a S3 bucketView AnswerAnswer: B,D,E
How should the development team configure the pipeline or policy to produce this outcome?
The development team wants to fail CI jobs where a specific CVE is contained within the image . How should the development team configure the pipeline or policy to produce this outcome?A . Set the specific CVE exception as an option in Jenkins or twistcli.B . Set the specific CVE...
