Why are no alerts being generated?

You have onboarded a public cloud account into Prisma Cloud Enterprise. Configuration Resource

ingestion is visible in the Asset Inventory for the onboarded account, but no alerts are being generated for the configuration assets in the account.

Config policies are enabled in the Prisma Cloud Enterprise tenant, with those policies associated to existing alert rules. ROL statements on the investigate matching those policies return config resource results successfully.

Why are no alerts being generated?
A . The public cloud account is not associated with an alert notification.
B . The public cloud account does not have audit trail ingestion enabled.
C . The public cloud account does not access to configuration resources.
D . The public cloud account is not associated with an alert rule.

Answer: D

Explanation:

In Prisma Cloud Enterprise, for alerts to be generated for configuration assets in an onboarded public cloud account, it is essential that the account is associated with an alert rule that matches the enabled config policies. If the account is not linked to an alert rule or if the existing alert rules do not match the config policies, no alerts will be generated even though configuration resource ingestion is visible, and RQL statements return config resource results. This requirement emphasizes the need for a well-structured alerting mechanism to ensure that security incidents are promptly identified and addressed​.

Latest PCCSE Dumps Valid Version with 85 Q&As

Latest And Valid Q&A | Instant Download | Once Fail, Full Refund

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments