- All Exams Instant Download
Which recommended action manages this situation?
A customer has a development environment with 50 connected Defenders. A maintenance window is set for Monday to upgrade 30 stand-alone Defenders in the development environment, but there is no maintenance window available until Sunday to upgrade the remaining 20 stand-alone Defenders. Which recommended action manages this situation?A . Go...
Which options show the steps required after upgrade of Console?
Which options show the steps required after upgrade of Console?A . Uninstall Defenders Upgrade Jenkins Plugin Upgrade twistcli where applicable Allow the Console to redeploy the DefenderB . Update the Console image in the Twistlock hosted registry Update the Defender image in the Twistlock hosted registry Uninstall DefendersC . Upgrade...
Which two steps can be performed by the Terraform script?
A Prisma Cloud administrator is onboarding a single GCP project to Prisma Cloud. Which two steps can be performed by the Terraform script? (Choose two.)A . enable flow logs for Prisma Cloud.B . create the Prisma Cloud role.C . enable the required APIs for Prisma Cloud.D . publish the flow...
Which twistcli command can be used to scan serverless functions?
A customer wants to scan a serverless function as part of a build process. Which twistcli command can be used to scan serverless functions?A . twistcli function scan <SERVERLESS_FUNCTION.ZIP>B . twistcli scan serverless <SERVERLESS_FUNCTION.ZIP>C . twistcli serverless AWS <SERVERLESS_FUNCTION.ZIP>D . twiscli serverless scan <SERVERLESS_FUNCTION.ZIP>View AnswerAnswer: A Explanation: Scanning serverless functions...
Which pages in Prisma Cloud Compute can the SecOps lead use to investigate the runtime aspects of this attack?
A DevOps lead reviewed some system logs and notices some odd behavior that could be a data exfiltration attempt. The DevOps lead only has access to vulnerability data in Prisma Cloud Compute, so the DevOps lead passes this information to SecOps. Which pages in Prisma Cloud Compute can the SecOps...
What will be the effect if the security team chooses to Relearn on this image?
A security team notices a number of anomalies under Monitor > Events. The incident response team works with the developers to determine that these anomalies are false positives. What will be the effect if the security team chooses to Relearn on this image?A . The model is deleted, and Defender...
Which policy type should be used?
An administrator needs to detect and alert on any activities performed by a root account. Which policy type should be used?A . config-runB . config-buildC . networkD . audit eventView AnswerAnswer: D Explanation: To detect and alert on activities performed by a root account, an audit event policy should be...
What is the maximum number of access keys a user can generate in Prisma Cloud with a System Admin role?
What is the maximum number of access keys a user can generate in Prisma Cloud with a System Admin role?A . 1B . 2C . 3D . 4View AnswerAnswer: B Explanation: Reference: https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-administrators/create-access-keys.html#:~:text=You%20can%20enable%20API%20access,generate%20one%20access%20key%20only In Prisma Cloud, a user with a System Admin role can generate a maximum of 2 access...
config where cloud.type = 'aws' AND api.name='aws-s3api-get-bucket-acl' AND json.rule="((((acl.grants[? (@.grantee=='AllUsers')] size > 0) or policyStatus.isPublic is true) and publicAccessBlockConfiguration does not exist) or ((acl.grants[?
An S3 bucket within AWS has generated an alert by violating the Prisma Cloud Default policy “AWS S3 buckets are accessible to public”. The policy definition follows: config where cloud.type = 'aws' AND api.name='aws-s3api-get-bucket-acl' AND json.rule="((((acl.grants[? (@.grantee=='AllUsers')] size > 0) or policyStatus.isPublic is true) and publicAccessBlockConfiguration does not exist) or...
