최신 PCCSE 무료덤프 - Palo Alto Networks Prisma Certified Cloud Security Engineer

문제1

Which of the following is displayed in the asset inventory?

A. Asset tags

B. EC2 instances

C. SSO users

D. Federated users

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제2

A customer has a requirement to scan serverless functions for vulnerabilities.
Which three settings are required to configure serverless scanning? (Choose three.)

A. Credential

B. Region

C. Console Address

D. Provider

E. Defender Name

정답: A,B,D

설명: (DumpTOP 회원만 볼 수 있음)

문제3

An administrator wants to retrieve the compliance policies for images scanned in a continuous integration (CI) pipeline.
Which endpoint will successfully execute to enable access to the images via API?

A. GET /api/v22.01/policies/compliance/ci

B. GET /api/v22.01/policies/compliance

C. GET /api/v22.01/policies/compliance/ci/serverless

D. GET /api/v22.01/policies/compliance/ci/images

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제4

What happens when a role is deleted in Prisma Cloud?

A. The users associated with that role will be deleted.

B. Any integrations that use the access key to make calls to Prisma Cloud will stop working.

C. Any user who uses that key will be deleted.

D. The access key associated with that role is automatically deleted.

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제5

Which of the following is a reason for alert dismissal?

A. ALERT_RULE_ADDED

B. USER_DELETED

C. SNOOZED_AUTO_CLOSE

D. POLICY_UPDATED

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제6

What should be used to associate Prisma Cloud policies with compliance frameworks?

A. Alert rules

B. Policies

C. Compliance

D. Custom compliance

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제7

A customer wants to monitor its Amazon Web Services (AWS) accounts via Prisma Cloud, but only needs the resource configuration to be monitored at present.
Which two pieces of information are needed to onboard this account? (Choose two.)

A. Active Directory ID

B. RoleARN

C. External ID

D. CloudTrail

정답: B,C

설명: (DumpTOP 회원만 볼 수 있음)

문제8

Who can access saved searches in a cloud account?

A. Administrators

B. All users with whom the saved search has been shared

C. Users who can access the tenant

D. Creators

정답: A

설명: (DumpTOP 회원만 볼 수 있음)

문제9

Which policy type in Prisma Cloud can protect against malware?

A. Network

B. Data

C. Config

D. Event

정답: B

문제10

A customer has a requirement to terminate any Container from image topSecret:latest when a process named ransomWare is executed.
How should the administrator configure Prisma Cloud Compute to satisfy this requirement?

A. add a new runtime policy targeted at a specific Container name, add ransomWare process into the denied process list, and set the action to "prevent".

B. choose "copy into rule" for the Container, add a ransomWare process into the denied process list, and set the action to "block".

C. set the Container model to manual relearn and set the default runtime rule to block for process protection.

D. set the Container model to relearn and set the default runtime rule to prevent for process protection.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제11

Which RQL query will help create a custom identity and access management (1AM) policy to alert on Lambda functions that have permission to terminate EC2 instances?

A. config from iam where dest.cloud.type = 'AWS' AND source.cloud.service.name = 'lambda' AND source.cloud.resource.type = 'function' AND dest.cloud.service.name = 'ec2' AND action.name =
'ec2:TerminateInstances'

B. config from iam where dest.cloud.type = 'AWS' AND source.cloud.service.name = 'ec2' AND source.cloud.resource.type = 'instance' AND dest.cloud.service.name = 'lambda' AND action.name =
'ec2:TerminateInstances'

C. iam from cloud.resource where cloud.type equals 'AWS' AND cloud.resource.type equals 'lambda function' AND cloud.service.name = 'ec2' AND action.name equals 'ec2:TerminateInstances'

D. iam from cloud.resource where dest.cloud.type = 'AWS' AND source.cloud.service.name = 'lambda' AND source.cloud.resource.type = 'function' AND dest.cloud.service.name = 'ec2' AND action.name =
'ec2:TerminateInstances'

정답: A

문제12

The exclamation mark on the resource explorer page would represent?

A. the resource was modified recently

B. resource has been deleted

C. resource has alerts

D. resource has compliance violation

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제13

Which two offerings will scan container images in Jenkins pipelines? (Choose two.)

A. Compute Jenkins plugin

B. Compute Azure DevOps plugin

C. Prisma Cloud Visual Studio Code plugin with Jenkins integration

D. Twistcli

E. Jenkins Docker plugin

정답: A,D

설명: (DumpTOP 회원만 볼 수 있음)

문제14

Which field is required during the creation of a custom config query?

A. finding.type

B. resource status

C. api.name

D. cloud.type

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제15

A customer's Security Operations Center (SOC) team wants to receive alerts from Prisma Cloud via email once a day about all policies that have a violation, rather than receiving an alert every time a new violation occurs.
Which alert rule configuration meets this requirement?

A. Configure an alert rule with all the defaults except selecting email within the "Alert Notifications" tab and specifying recipient.

B. Configure an alert rule. Under the "Policies" tab, select "All Policies." In the "Set Alert Notifications" tab, select "Email > Recurring," set to repeat every 1 day, and then enable "Email."

C. Configure an alert rule. Under the "Policies" tab, select "High Risk Severity Policies." In the "Set Alert Notifications" tab, select "Email > Recurring," set to repeat every 1 day, and enable "Email."

D. Set up email integrations under the "Integrations" tab in "Settings" and create a notification template.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제16

An administrator sees that a runtime audit has been generated for a container.
The audit message is:
"/bin/ls launched and is explicitly blocked in the runtime rule. Full command: ls -latr" Which protection in the runtime rule would cause this audit?

A. Container

B. File systems

C. Networking

D. Processes

정답: D

설명: (DumpTOP 회원만 볼 수 있음)

문제17

On which cloud service providers can you receive new API release information for Prisma Cloud?

A. AWS, Azure, GCP, Oracle, IBM

B. AWS, Azure, GCP, IBM

C. AWS, Azure, GCP, Oracle, Alibaba

D. AWS, Azure, GCP, IBM, Alibaba

정답: C

설명: (DumpTOP 회원만 볼 수 있음)

문제18

What is the maximum number of access keys a user can generate in Prisma Cloud with a System Admin role?

A. 4

B. 1

C. 3

D. 2

정답: D

문제19

A DevOps lead reviewed some system logs and notices some odd behavior that could be a data exfiltration attempt. The DevOps lead only has access to vulnerability data in Prisma Cloud Compute, so the DevOps lead passes this information to SecOps.
Which pages in Prisma Cloud Compute can the SecOps lead use to investigate the runtime aspects of this attack?

A. The SecOps lead should use Incident Explorer and Compliance Explorer.

B. The SecOps lead should use the Incident Explorer page and Monitor > Events > Container Audits.

C. The SecOps lead should investigate the attack using Vulnerability Explorer and Runtime Radar.

D. The SecOps lead should review the vulnerability scans in the CI/CD process to determine blame.

정답: B

설명: (DumpTOP 회원만 볼 수 있음)

문제20

What are two built-in RBAC permission groups for Prisma Cloud? (Choose two.)

A. Group Membership Admin

B. Group Admin

C. Account Group Admin

D. Account Group Read Only

정답: A,C

설명: (DumpTOP 회원만 볼 수 있음)

최신 PCCSE 무료덤프 - Palo Alto Networks Prisma Certified Cloud Security Engineer

우리와 연락하기

유용한 링크

최신 업데이트