Prisma Certified Cloud Security Engineer v1.0

Page:    1 / 17   
Exam contains 248 questions
Expand All

The Prisma Cloud administrator has configured a new policy.
Which steps should be used to assign this policy to a compliance standard?

  • A. Edit the policy, go to step 3 (Compliance Standards), click + at the bottom, select the compliance standard, fill in the other boxes, and then click Confirm.
  • B. Create the Compliance Standard from Compliance tab, and then select Add to Policy.
  • C. Open the Compliance Standards section of the policy, and then save.
  • D. Custom policies cannot be added to existing standards.


Answer : B

Reference:
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-policies/create-a-policy.html

An administrator wants to install the Defenders to a Kubernetes cluster. This cluster is running the console on the default service endpoint and will be exporting to
YAML.
✑ Console Address: $CONSOLE_ADDRESS
✑ Websocket Address: $WEBSOCKET_ADDRESS
✑ User: $ADMIN_USER
Which command generates the YAML file for Defender install?

  • A. <PLATFORM>/twistcli defender \ --address $CONSOLE_ADDRESS \ --user $ADMIN_USER \ --cluster-address $CONSOLE_ADDRESS
  • B. <PLATFORM>/twistcli defender export kubernetes \ --address $WEBSOCKET_ADDRESS \ --user $ADMIN_USER \ --cluster-address $CONSOLE_ADDRESS
  • C. <PLATFORM>/twistcli defender YAML kubernetes \ --address $CONSOLE_ADDRESS \ --user $ADMIN_USER \ --cluster-address $WEBSOCKET_ADDRESS
  • D. <PLATFORM>/twistcli defender export kubernetes \ --address $CONSOLE_ADDRESS \ --user $ADMIN_USER \ --cluster-address $WEBSOCKET_ADDRESS


Answer : D

Reference:
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/install/install_kubernetes.html

Which options show the steps required after upgrade of Console?

  • A. Uninstall Defenders Upgrade Jenkins Plugin Upgrade twistcli where applicable Allow the Console to redeploy the Defender
  • B. Update the Console image in the Twistlock hosted registry Update the Defender image in the Twistlock hosted registry Uninstall Defenders
  • C. Upgrade Defenders Upgrade Jenkins Plugin Upgrade twistcli where applicable
  • D. Update the Console image in the Twistlock hosted registry Update the Defender image in the Twistlock hosted registry Redeploy Console


Answer : C

An organization wants to be notified immediately to any `High Severity` alerts for the account group `Clinical Trials` via Slack.
Which option shows the steps the organization can use to achieve this goal?

  • A. 1. Configure Slack Integration 2. Create an alert rule and select ג€Clinical Trialsג€ as the account group 3. Under the ג€Select Policiesג€ tab, filter on severity and select ג€Highג€ 4. Under the Set Alert Notification tab, choose Slack and populate the channel 5. Set Frequency to ג€As it Happensג€
  • B. 1. Create an alert rule and select ג€Clinical Trialsג€ as the account group 2. Under the ג€Select Policiesג€ tab, filter on severity and select ג€Highג€ 3. Under the Set Alert Notification tab, choose Slack and populate the channel 4. Set Frequency to ג€As it Happensג€ 5. Set up the Slack Integration to complete the configuration
  • C. 1. Configure Slack Integration 2. Create an alert rule 3. Under the ג€Select Policiesג€ tab, filter on severity and select ג€Highג€ 4. Under the Set Alert Notification tab, choose Slack and populate the channel 5. Set Frequency to ג€As it Happensג€
  • D. 1. Under the ג€Select Policiesג€ tab, filter on severity and select ג€Highג€ 2. Under the Set Alert Notification tab, choose Slack and populate the channel 3. Set Frequency to ג€As it Happensג€ 4. Configure Slack Integration 5. Create an Alert rule


Answer : B

A business unit has acquired a company that has a very large AWS account footprint. The plan is to immediately start onboarding the new company's AWS accounts into Prisma Cloud Enterprise tenant immediately. The current company is currently not using AWS Organizations and will require each account to be onboarded individually.
The business unit has decided to cover the scope of this action and determined that a script should be written to onboard each of these accounts with general settings to gain immediate posture visibility across the accounts.
Which API endpoint will specifically add these accounts into the Prisma Cloud Enterprise tenant?

  • A. https://api.prismacloud.io/cloud/
  • B. https://api.prismacloud.io/account/aws
  • C. https://api.prismacloud.io/cloud/aws
  • D. https://api.prismacloud.io/accountgroup/aws


Answer : B

A security team has a requirement to ensure the environment is scanned for vulnerabilities.
What are three options for configuring vulnerability policies? (Choose three.)

  • A. individual actions based on package type
  • B. output verbosity for blocked requests
  • C. apply policy only when vendor fix is available
  • D. individual grace periods for each severity level
  • E. customize message on blocked requests


Answer : BCD

Reference:
https://docs.paloaltonetworks.com/prisma/prisma-cloud/19-11/prisma-cloud-compute-edition-admin/vulnerability_management/ vuln_management_rules.html

The Unusual protocol activity (Internal) network anomaly is generating too many alerts. An administrator has been asked to tune it to the option that will generate the least number of events without disabling it entirely.
Which strategy should the administrator use to achieve this goal?

  • A. Disable the policy
  • B. Set the Alert Disposition to Conservative
  • C. Change the Training Threshold to Low
  • D. Set Alert Disposition to Aggressive


Answer : C

Reference:
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-policies/anomaly-policies.html

What is the behavior of Defenders when the Console is unreachable during upgrades?

  • A. Defenders continue to alert, but not enforce, using the policies and settings most recently cached before upgrading the Console.
  • B. Defenders will fail closed until the web-socket can be re-established.
  • C. Defenders will fail open until the web-socket can be re-established.
  • D. Defenders continue to alert and enforce using the policies and settings most recently cached before upgrading the Console.


Answer : D

Reference:
https://docs.paloaltonetworks.com/prisma/prisma-cloud/20-09/prisma-cloud-compute-edition-admin/upgrade/upgrade_process.html

How are the following categorized?
✑ Backdoor account access
✑ Hijacked processes
✑ Lateral movement
✑ Port scanning

  • A. audits
  • B. incidents
  • C. admission controllers
  • D. models


Answer : B

DRAG DROP -
An administrator needs to write a script that automatically deactivates access keys that have not been used for 30 days.
In which order should the API calls be used to accomplish this task?
(Drag the steps into the correct order from the first step to the last.)
Select and Place:



Answer :

Which method should be used to authenticate to Prisma Cloud Enterprise programmatically?

  • A. single sign-on
  • B. SAML
  • C. basic authentication
  • D. access key


Answer : D

Reference:
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/get-started-with-prisma-cloud/access-the-prisma-cloud-api.html

Which option shows the steps to install the Console in a Kubernetes Cluster?

  • A. Download the Console and Defender image Generate YAML for Defender Deploy Defender YAML using kubectl
  • B. Download and extract release tarball Generate YAML for Console Deploy Console YAML using kubectl
  • C. Download the Console and Defender image Download YAML for Defender from the document site Deploy Defender YAML using kubectl
  • D. Download and extract release tarball Download the YAML for Console Deploy Console YAML using kubectl


Answer : B

A customer has a requirement to automatically protect all Lambda functions with runtime protection.
What is the process to automatically protect all the Lambda functions?

  • A. Configure a function scan policy from the Defend/Vulnerabilities/Functions page.
  • B. Configure serverless radar from the Defend/Compliance/Cloud Platforms page.
  • C. Configure a manually embedded Lambda Defender.
  • D. Configure a serverless auto-protect rule for the functions.


Answer : D

Reference:
https://blog.paloaltonetworks.com/prisma-cloud/protect-serverless-functions/

Which statement accurately characterizes SSO Integration on Prisma Cloud?

  • A. Prisma Cloud supports IdP initiated SSO, and its SAML endpoint supports the POST and GET methods.
  • B. Okta, Azure Active Directory, PingID, and others are supported via SAML.
  • C. An administrator can configure different Identity Providers (IdP) for all the cloud accounts that Prisma Cloud monitors.
  • D. An administrator who needs to access the Prisma Cloud API can use SSO after configuration.


Answer : A

Reference:
https://docs-new.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/manage-prisma-cloud-administrators/setup-sso-integration-on- prisma-cloud

DRAG DROP -
Match the service on the right that evaluates each exposure type on the left.
(Select your answer from the pull-down list. Answers may be used more than once or not at all.)
Select and Place:



Answer :

Reference:
https://www.paloaltonetworks.com/prisma/cloud/cloud-data-security

Page:    1 / 17   
Exam contains 248 questions
Expand All

Talk to us!

Have any questions or issues ? Please dont hesitate to contact us

[email protected]

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy