PSE Prisma Cloud

Réussis tes devoirs et examens dès maintenant avec Quizwiz!

Which two RQL operators can be used to parse through JSON arrays? (Choose two.) Select All Correct Responses ? # % @

# @

What handles scanning of the container registry?

A defender, or a pool of defenders

Which three cloud service providers are supported with a Prisma Cloud and Tenable integration? (Choose three.) OCI AWS GCP Azure Alibaba Cloud

AWS GCP Azure

Which two integrations support outbound alert notifications? (Choose two.) AWS SQS AWS Inspector Splunk Tenable

AWS SQS Splunk

Which operation can be performed from Settings > Access Keys? Secret Key can be updated Access Key can be updated Secret Key can be displayed for a previously created key Access Key can be imported

Access Key can be updated

Which two requirements are needed for automatic remediation? (Choose two.) Alert rule that includes a policy that supports remediation Policy that incorporates CLI commands that can remediate a policy violation Cloud account role with read permissions System admin account configured for Prisma Cloud

Alert rule that includes a policy that supports remediation Policy that incorporates CLI commands that can remediate a policy violation

Which type of authentication token is used for API calls? OAuth 2.0 Bearer Token API Key Digest Auth

Bearer Token

What is the principle of least privilege? All users are set to a minimum default privilege when their accounts are created. Only a limited number of users can set user privileges. All users have only the minimum level of access needed to perform their job functions. To ensure that no users have too little privilege.

All users have only the minimum level of access needed to perform their job functions.

Which two integrations are performed during the cloud account onboarding process in Prisma Cloud? (Choose two.) Jira Amazon GuardDuty Amazon Inspector PagerDuty

Amazon GuardDuty Amazon Inspector

Which statement accurately describes the integration between Prisma Cloud and Amazon GuardDuty? Amazon GuardDuty is not supported in Prisma Cloud. Amazon GuardDuty integration is performed during the Prisma Cloud onboarding process. Amazon GuardDuty requires an SSO connection to integrate into Prisma Cloud. Amazon GuardDuty requires read and write access into Prisma Cloud.

Amazon GuardDuty integration is performed during the Prisma Cloud onboarding process.

Which is an example of an external integration that performs an inbound (pull) of data into Prisma Cloud? Amazon GuardDuty Amazon SQS Amazon EC2 AWS Security Hub

Amazon Guardduty

IAM is under which area of the Prisma Cloud Native Security Platform? Cloud Security Posture Management Cloud Workload Protection Cloud Network Security Cloud Infrastructure Entitlement Management

Cloud Infrastructure Entitlement Management

CNAF?

Cloud Native Application Firewall

Which two charts are supported from the Compliance Dashboard? (Choose two.) Top Compliance Violations Compliance Coverage Sunburst Compliance Risk Rating Compliance Trendline

Compliance Coverage Sunburst Compliance Trendline

If auto-remediation is not working on your GCP account, which role should you review first? Folder Viewer Compute Security Admin Organization Role Viewer Dataflow Admin

Compute Security Admin

Prisma Cloud Data Security categorizes exposure levels into which three categories? (Choose three.) Conditional Public Accessible Private Confidential

Conditional Public Private

Which alert type uses RQL for policy enforcement? Intrusion Anomaly Config UEBA

Config

What are the three key data types? (Choose three.) config event integration network identity

Config Event Network

RQL supports which two query types? (Choose two) Config User Database Network

Config Network

Which RQL query type supports using joins? config from compound from event from network from

Config from

Which query is properly formatted using the RQL syntax? Config from cloud.resource where cloud.type = 'aws' Config where cloud.resource from cloud.type = 'aws' Config cloud.resource where cloud.type = from 'aws' Config cloud.resource = cloud.type = 'aws'

Config from cloud.resource where cloud.type = 'aws'

Alerts are created from which event? Resource config is updated from the cloud console Network traffic exceeds the configured threshold User activity is recorded in the Audit log Config scanner finds a resource in violation of a policy

Config scanner finds a resource in violation of a policy

Which alert type does not use RQL? Event Anomaly Config Network

Anomaly

Which alert type does not use RQL? Config Anomaly Event Network

Anomoly

Which two methods of automation are supported for deploying Prisma Cloud Compute Edition? (Choose two.) Powershell Prometheus Ansible Terraform

Ansible Terraform

Which Defender type must be upgraded manually? Container Image App Embedded Host

App Embedded

What is it called when a CNAF is embedded in the container it protects?

App Embedded Defender

What is the recommended first step after activating the IAM Security module? Review permissions for roles and groups. Create a new IAM policy based on high-risk identity use cases. Review your compliance requirements. Apply the out-of-the-box policies to determine if there are overly permissive

Apply the out-of-the-box policies to determine if there are overly permissive

What kinds of process violations are detectable by process defense?

Crypto Miners Lateral Movement (like netcat) Parent-Child process relationships Explicit Deny/Allows

Which option is available for uploading logs in the Prisma Cloud Compute Edition? Audit logs to SOC Debug logs to SOC Audit logs to Prisma Cloud support Debug logs to Prisma Cloud support

Debug logs to Prisma Cloud support

To download Defender logs, you follow which navigation path? View Logs > Manage > Defenders Defenders > Manage > Defenders Defenders > Deploy > Defenders System > Manage > Defenders

Defenders > Manage > Defenders

Which method is used to upgrade Defenders after a console upgrade? Uninstall and reinstall each Defender. Defenders are auto-upgraded. Defenders do not require an upgrade because they are backward compatible. Navigate to the Defender / Manage view and click Upgrade for each Defender.

Defenders are auto-upgraded.

When troubleshooting SAML integration issues, where would you locate the last 5 SAML failures? Settings > Audit Logs > Last 5 SAML Failures Settings > Access Keys > Last 5 SAML Failures Settings > Cloud Accounts > Status > Last 5 SAML Failures Settings > SSO > Last 5 SAML Failures

Settings > SSO > Last 5 SAML Failures

What is the name of the feature that allows you to declare, by policy, which registries, repositories or images you trust?

Trusted Images

Which two sets of credentials can be used to authenticate when using the Login API call? (Choose two.) Select All Correct Responses username and password Access Key and password Access Key and Secret Key username and JSON Web Token

Username and Password Access Key and Secret Key

Which three entities are considered a source? (choose three.) a region an IdP user a public cloud account a Lambda function an EC2 instance

an IdP user a Lambda function an EC2 instance

In the Alert Mechanism, what are the three constructs? (Choose three.) a. Alert Profile b. Ignore specific CVEs or tags (allow). c. Alert Channel d. Alert Trigger

a. Alert Profile c. Alert Channel d. Alert Trigger

Which two rules exceptions can be configured on Prisma Cloud ? (Choose two.) a. Alert or block on specific CVEs or tags (deny). b. Ignore specific CVEs or tags (allow). c. Container is running as root. d. Running as non-privileged host.

a. Alert or block on specific CVEs or tags (deny). b. Ignore specific CVEs or tags (allow).

Which dashboard provides a snapshot of the current state of all cloud resources or assets that you are monitoring and securing using Prisma Cloud? a. Asset Inventory b. Compliance Reports c. Radar d. Prisma Cloud DevOps Inventory

a. Asset Inventory

Which two Dashboards are used to investigate detected policy violation? (Choose two.) a. Asset Inventory b. Vulnerability c. Compliance Dashboard d. DevOps Dashboard

a. Asset Inventory c. Compliance Dashboard

Select Prisma Cloud software Alert remediation type? (Choose three.) a. Automated Remediation b. Identity Security c. Manual Remediation d. Monitor Alerts

a. Automated Remediation c. Manual Remediation d. Monitor Aler

1. What are two types of alert reports that can be generated to inform stakeholders about the status of the cloud assets and how they are doing against Prisma Cloud security and compliance policy checks? (Choose two.) a. Cloud Security Assessment Report b. Compliance Report c. Business Unit Report d. AWS e. GCP

a. Cloud Security Assessment Report c. Business Unit Report

Which Dashboard can also view or download historic reports so that you can see your compliance trend. ? a. Asset Inventory dashboard b. Compliance Reports dashboard c. Radar d. Prisma Cloud DevOps Inventory

b. Compliance Reports dashboard

Which two components does Prisma Cloud Compute use? (Choose two.) a. NOC b. Console c. Controller d. Defender

b. Console d. Defender

Select the three anomaly policies that are predefined and marked as Prisma Cloud Default policies. (Choose three.) a. Application Enumeration b. Excessive login failures c. Unusual user activity d. Network evasion and resource misuse

b. Excessive login failures c. Unusual user activity d. Network evasion and resource misuse

Which event requires that rules and policies be tuned? a. Apps are added to a CVE. b. Existing apps are upgraded. c. Existing apps are removed. d. New apps are announced.

b. Existing apps are upgraded.

Select three CSPM Platform functions. (Choose three.) a. Threat Management b. Identity Security c. Network Security d. Policies and DevOps

b. Identity Security c. Network Security d. Policies and DevOps

What are the two Runtime defense principal object types? (Choose two.) a. Defenders b. Models c. Console d. Rules e. API

b. Models d. Rules

Which two methods can be used to authenticate API calls? (Choose two.) basic HTTP auth single Sign-On authentication token openID Connect

basic HTTP auth Authentication Tokens

When is Prisma Cloud monitoring and correlation of data from cloud vendors activated? a. Data correlation begins as soon as the cloud account is onboarded. b. Specific Prisma Cloud Alerts must be enabled for correlation of data. c. Alert notifications must be configured. d. Third-party technologies must be integrated.

a. Data correlation begins as soon as the cloud account is onboarded.

What are three tools provided by Palo Alto Networks firewalls used to segment traffic? (Choose three.) a. Define different Zones b. Dynamic Address Groups c. Air Gap d. UserID

a. Define different Zones b. Dynamic Address Groups d. UserID

What are two groups in which tasks are categorized to facilitate automation? (Choose two.) a. Deploy b. Dynamic c. Configure d. Containers

a. Deploy c. Configure

Select the two cloud types for compliance supported by Prisma Cloud. (Choose two.) a. GCP b. Rackspace c. Cisco d. AWS

a. GCP d. AWS

. Select the three correct type of defenders to select from? (Choose three.) a. Host Defender b. Container Defender c. Serverless Defender d. Agentless Defender

a. Host Defender b. Container Defender c. Serverless Defender

What are two predefined Prisma Cloud Default anomaly policies? (Choose two.) a. Network evasion and resource misuse b. Network reconnaissance c. Network DoS d. Excessive logins

a. Network evasion and resource misuse b. Network reconnaissance

Prisma Cloud supports which two orchestrators? (Choose two.) a. OpenShift b. OpenCloud c. Pivotal Cloud Foundry d. Apache Mesos

a. OpenShift c. Pivotal Cloud Foundry

Why is Panorama essential to bootstrapping in Complete Mode? a. Panorama needs to generate the VM auth key. b. Panorama is not required. c. Panorama is not required. d. None of the above.

a. Panorama needs to generate the VM auth key.

Which two statements reflect the Prisma Cloud Functionality of Asset Inventory? (Choose two.) a. Prisma Cloud is the only solution in the market that provides continuous monitoring of security misconfigurations consistently across clouds and throughout the application lifecycle. b. Prisma Cloud is the only solution in the industry that offers critical network security requirements across cloud providers. c. Prisma Cloud empowers customers to gain a deeper understanding of their cloud environments by leveraging native cloud provider APIs and continuously analyzing all cloud assets for changes. d. Prisma Cloud provides consistent data classification for cloud storage services across cloud providers. With 300+ data profiles, it is able to provide policy controls over commonly found data patterns and ensures that customers meet their compliance requirements.

a. Prisma Cloud is the only solution in the market that provides continuous monitoring of security misconfigurations consistently across clouds and throughout the application lifecycle. c. Prisma Cloud empowers customers to gain a deeper understanding of their cloud environments by leveraging native cloud provider APIs and continuously analyzing all cloud assets for changes.

Prisma Cloud keeps CVE data for which operating system base layer? a. SUSE b. Fedora c. PCLinuxOS d. Linux Mint

a. SUSE

Which is best applied for apps that need to be ready to perform tasks but don't always need to be running? a. Serverless b. Containers c. Virtual Machines d. Hosts

a. Serverless

What are two stages of the CI/CD pipeline? (Choose two.) peer review fork build unit test

build unit test

Twistcli can scan an image that is in the system from which two sources? (Choose two.) downloaded via FTP build on the host pulled from a registry backed up on a mirror site

build on the host pulled from a registry

In the Learning Mode, how does it stay to complete the model? a. 2 hr b. 24 hrs c. 1 hr d. 3 hr

c. 1 hr

Which increments are Prisma Cloud Credits sold in? a. 10 b. 50 c. 100 d. 500

c. 100

How many nodes of CN-NGFW pods can a pair of CN-MGMT pods connect to and manage within a cluster? a. 2 b. 20 c. 30 d. 100

c. 30

Which Firewall designed for both container or vm can be used to filter Layer 7 traffic to and from the app? a. CNNF b. NGFW c. CNAF d. IP tables

c. CNAF

If a "config where" query is used or a policy, which two options are available? (Choose two.) a. api.name b. api.source c. cloud.region d. cloud account type

a. api.name c. cloud.region

Which two details are included in a Prisma Cloud alert payload? (Choose two.) a. compliance standard b. CVE c. cloud account d. cloud status

a. compliance standard c. cloud account

When deployed with a GWLB, you can use the VM-Series firewall to protect the inbound traffic. What is the traffic originating? a. traffic originating outside the VPC and destined to resources within your application VPC, such as web servers b. traffic originating within the application VPCs and destined to external resources on the Internet c. in a transit gateway environment, East-West traffic refers to Inter-VPC traffic, such as the traffic between source and destination workloads in two different application VPCs yes d. none of the above

a. traffic originating outside the VPC and destined to resources within your application VPC, such as web servers

Which two attributes do network queries support? (Choose two.) anomaly.type accepted.bytes source.country operation

accepted.bytes source.country

How are standalone Prisma Cloud Defenders installed on hosts that do not run Docker? a. The Defenders are installed in the registry. b. The Defenders are run with a different orchestrator. c. The Defenders are run as a service. d. The Defenders are run on virtual machines.

c. The Defenders are run as a service.

Which logs helps to visualize flow information for resources deployed in your GCP projects? a. Syslog b. Event Viewer c. VPC logs d. all of the above

c. VPC logs

What are the four Prisma Cloud systems to bring online and operationalize. (Choose four.) a. IaaS b. Aws c. Vulnerability Management d. GCP e. Compliance f. Runtime Defense g. Firewall

c. Vulnerability Management e. Compliance f. Runtime Defense g. Firewall

In which mode can a networking rule place a Defender? a. deny b. alarm c. block d. permit

c. block

When Prisma Cloud detects an outgoing connection that deviates from your runtime policy, Prisma Cloud Defender can take action. Networking rules let you put Defender into one of three modes. Which mode is supported? a. deny b. alarm c. block d. permit

c. block

Which mode is the phase in which Prisma Cloud performs either static or dynamic analysis? a. archived b. active c. learning d. passive

c. learning

Which kind of platform is Kubernetes? a. automation b. Docker c. orchestration d. cluster

c. orchestration

API access is enabled for which role? a. default role b. configuration role c. system admin role d. root user role

c. system admin role

Which two protocols support authentication for Prisma Cloud Compute Edition? (Choose two.) OAuth OpenLDAP SQRL CTAP

OAuth OpenLDAP

Which feature provides granular visibility into each object's metadata and data profile information? Data Inventory Resource Explorer Data Dashboard Object Explorer

Object Explorer

Which two services does GitHub provide to developers? (Choose two.) Offers cloud-based hosting that is used to manage repositories provides a high-quality version control system allows you to share your code with others makes codebase and history available on every developer's local machine

Offers cloud-based hosting that is used to manage repositories allows you to share your code with others

Which version of Compute Console is hosted by Palo Alto Networks? Prisma Cloud SaaS Prisma Cloud Enterprise Edition Prisma Cloud Compute Edition Prisma Cloud Access

Prisma Cloud Enterprise Edition

How are "Dangerous Domains" detected?

Prisma Cloud Intelligence Stream (known bad domains) Behavioural Container Models - detects new/anomalous DNS requests that vary from the first initial runtime.

Which two benchmark standards are included in compliance checks? (Choose two.) Prisma Cloud Labs WildFire GDPR CIS Benchmarks

Prisma Cloud Labs CIS Benchmarks

What is the interface that is the default view when you first log into Prisma Cloud Console?

Prisma Cloud Radar

An administrator does not see incoming messages from a newly integrated third-party service. What is most likely the problem? Prisma Cloud license for third-party integration service is not enabled. Prisma Cloud has not performed its periodic polling from the third-party service. Prisma Cloud is not configured with a policy to accept incoming messages. Prisma Cloud has an Alert Rule with a deny-all rule for incoming messages.

Prisma Cloud has not performed its periodic polling from the third-party service.

What is most likely to cause a connection issue between Prisma Cloud and an externally connected service? Prisma Cloud's IP address or stack is flagged as malicious and is blocked. Prisma Cloud policies are rerouting traffic. The FQDN or IP address has changed on Prisma Cloud. The direct connection between Prisma Cloud and the datacenter or region is down.

Prisma Cloud's IP address or stack is flagged as malicious and is blocked.

Which two permission methods can be used with an Azure Service Bus Queue integration? (Choose two.) Shared Access Signature Service Principal Credentials Azure Active Directory (Azure AD) Shared Access Signatures (SAS)

Shared Access Signature Service Principal Credentials

Prisma Cloud Compute supports which two third-party integrations? (Choose two.) Slack Tenable.io PagerDuty WordPress

Slack PagerDuty

Which Prisma Cloud security module incorporates container security? cloud security posture management cloud workload protection cloud infrastructure entitlement management Cloud Network Security

cloud workload protection

What are two areas that the IAM Security module addresses? (Choose two.) complex entitlement layers overly permissive roles role-based access control authentication

complex entitlement layers overly permissive roles

Which two query types does RQL support? (Choose two.) config anomaly event hostfinding

config event

A config query can start with which two expressions? (Choose two.) config where source IP = config from cloud.resource config from iam config where CRUD =

config from cloud.resource config from iam

Which RQL query is a legitimate query in Prisma Cloud? config where cloud.resource from api.name = 'aws-ec2-describe-instances' config cloud.resource from where api.name = 'aws-ec2-describe-instances' config where from api.name = 'aws-ec2-describe-instances' config from cloud.resource where api.name = 'aws-ec2-describe-instances'

config from cloud.resource where api.name = 'aws-ec2-describe-instances'

Which RQL query is used by the Resource Explorer? config from cloud.resource where cloud.service = 'Amazon S3' config from cloud.resource where cloud.type = 'Amazon S3' event from cloud.resource where cloud.service = 'Amazon S3' config from cloud.resource where cloud.service = 'AWS S3'

config from cloud.resource where cloud.service = 'Amazon S3'

What are the RQL parameters for starting an IAM query? event from iam where network from iam where config from iam where none of the above

config from iam where

Which two operators can make queries more computationally efficient? (Choose two.) contains exists @ ?

contains exists

What are two common use cases that the IAM Security module addresses? (Choose two.) users with write database access cross-account permissions groups with excessive users resources that the public can access

cross-account permissions resources that the public can access

. What is the average number of days to detect a breach in Microsoft Azure? a. 30 b. 60 c. 100 d. 200

d. 200

For every 100 compliance issues, we should expect: [Blank]% of issues are caused by your apps. Since you have full control over your apps, meet with your developers and remediate them. [Blank]% of issues are caused by infrastructure issues. Half of these issues will be due to the vendor configuration, which you can't change. Create rules to ignore these issues. The other half will be due to insecure defaults. Remediate them. Select the Values for the Blanks a. 16% and 84% b. 33% and 67% c. 84% and 16% d. 67% and 33%

d. 67% and 33%

Select two roles of Panorama? (Choose two.) a. license management and configuration management b. manage your Kubernetes clusters, apps, and firewall services c. monitor your clusters and leverage Kubernetes labels that you use to organize Kubernetes objects d. Provide the VM Auth Key so the bootstrapped firewall can register running as nonprivileged host

d. Provide the VM Auth Key so the bootstrapped firewall can register running as nonprivileged host

Prisma Cloud lets you surface critical policy breaches by sending alerts to automate security response, Which channel can you send to? a. Email b. Pager Alerts c. Compliance Dashboard d. XSOAR

d. XSOAR

Which installation method is used to deploy a Defender when using OpenShift? installed as a Daemon service installed as a global service deployed as a service deployed as a DaemonSet

deployed as a DaemonSet

What does IAM stand for? identity, authentication, and management inadequate authentication management infrastructure access management identity and access management

identity and access management

Which actions are supported for compliance checks? alert, log, and block alert, block, and remediate ignore, alert, and block ignore, report, and block

ignore, alert, and block

When integrating AWS Inspector, which role permissions are required on the Prisma Cloud role? inspector:List* and inspector:Get* inspector:Describe* and inspector:List* guardduty:List* and guardduty:Get* guardduty:Describe* and guardduty:List*AWS Security Hub

inspector:List* and inspector:Get* inspector:Describe* and inspector:List*

The REST API enables which two capabilities? (Choose two.) discovery integration remediation automation

integration automation

Which Prisma Cloud component provides for static defense in the CI/ CD pipeline? compiler plugin IDE machine learning

plugin

Which two protections are included in runtime defense? (Choose two.) predictive threat-based catalogued itemized

predictive threat-based

What are two of the four key IAM attributes? (Choose two.) source action resource cloud

source action

Which two outputs are supported by event logging? (Choose two.) log analyzer stdout snmp syslog

stdout syslog

Which two outputs are supported by event logging? (Choose two.) Select All Correct Responses log analyzer stdout snmp syslog

stdout syslog

Which two components are included in the Compliance Explorer? (Choose two.) top-ten compliance violations open compliance alerts table of compliance issues roll-up charts

table of compliance issues roll-up charts

True or False? With Postman you can import an API schema as a collection? true false

True

True or false? A cloud account must be configured with the monitor and protect mode to perform auto-remediation of policy violations. true false

True

True or false? Alerts can be forwarded to third-party integrations in Prisma Cloud True False

True

True or false? Alerts can be forwarded to third-party integrations in Prisma Cloud. True False

True

True or false? Defenders enforce the policy created in Console. True False

True

True or false? Net-effective permissions are the true permissions after all identity privileges are combined. True False

True

True or false? Prisma Cloud can access the data generated by Amazon GuardDuty and Inspector True False

True

Which two cloud service providers are supported with a Prisma Cloud and Qualys integration? (Choose two.) OCI Alibaba Cloud GCP AWS Azure

AWS Azure

Which two enforcement actions can be configured for a WAAS rule? (Choose two.) Pause Ban Alert Ignore

Ban Alert

True or false? Prisma Cloud offers protection for the entire CI/ PD pipeline. True False

True

Which two HTTP methods are used to interact with the Prisma Cloud REST API? (Choose two.) POST HEAD COPY DELETE

POST DELETE

What are two common HTTP methods used to send API calls to Prisma Cloud? (Choose two.) POST STATUS GET UPDATE

POST GET

Defender communicates with Console using which default port value? 8080 84 8083 8084

8084

Which two RQL operators can be used to parse through JSON arrays? (Choose two.) Select All Correct Responses ? # % @

? @

What are three advantages of Prisma Cloud WAAS? (Choose three.) -provides unified protection across applications deployed on hosts, VMs, containers, and serverless -segments microservices at the container level -auto scales with your cloud applications through an agent-based (RASP) deployment -provides a single solution to all your cloud security needs -provides a filter to protect against path traversal attacks

-provides unified protection across applications deployed on hosts, VMs, containers, and serverless -auto scales with your cloud applications through an agent-based (RASP) deployment -provides a single solution to all your cloud security needs

Which RQL syntax is used to iterate through a set of objects? [?.(@.Effect == 'Allow'] [*]. Key == Compliance && @.Effect == 'Allow' .*[?(@.Type == 'AWS::S3::Bucket'

.*[?(@.Type == 'AWS::S3::Bucket'

Which two attacks does the web application firewall protect against when deploying CNAF for serverless functions? (Choose two.) a. local file system inclusion (LFI) b. DoS c. cross-site scripting d. embedded code registry

A & C - LFI and Cross Site Scripting

What is the maximum number of Access Keys that can be created for a Prisma Cloud role? Two Three Four Five

2

Which version upgrade path represents a maintenance release? 20.09.162 to 20.09.162-1 20.04.162 to 20.09.162 20.09.162 to 20.09.362 19.11.162 to 20.04.162

20.09.162 to 20.09.362

Which two ports can be used for connecting to Prisma Cloud Compute Edition console? (Choose two.) 80 8083 8081 443

8083 8081

Which two scenarios would the IAM Security module flag? (Choose two.) A user has both Okta and group privileges to a cloud account. A user has not made a database API call in three months but has write access. A user is not using two-factor authentication to log in. A public server has read access to a cloud account.

A user has not made a database API call in three months but has write access. A public server has read access to a cloud account.

Prisma Cloud WAAS provides which three types of protection? (Choose three.) hybrid cloud environment only API file upload false positives access control based on IP address or geo location

API file upload access control based on IP address or geo location

Which webpage is accessible using a link from the Prisma Cloud Compute API Reference? Compute console API reference page API technical docs API endpoint

API reference page

Which two settings are used to configure Role-Based Access Control (RBAC)? (Choose two.) account user role clearance

Account Role

Which two filters can be applied in the Compliance Dashboard? (Choose two.) Account Group Time Range Policy Type Compliance Section

Account Group Compliance Section

If no alerts are being triggered in Prisma Cloud, what most likely is the problem? Account Groups are not included in an alert rule. Alerts are not enabled in the global settings. No users are configured with the alerts permission. Alerts are being blocked by policy configurations.

Account Groups are not included in an alert rule

What 4 anomaly types are predefined in Prisma Cloud Compute?

Account Hijacking Attempts Excessive number of login failures Unusual user activity Network Evasion and Resource misuse

Which two UEBA policies are supported in Prisma Cloud? (Choose two.) brute-force attacks account hijacking attempts excessive login failures creation of super users

Account Hijacking attempts Excessive Login Failures

Which two states can a model be in? (Choose two.) active logging learning rebooting

Active Learning

Which workflow describes adding an external integration to Prisma Cloud? Add a GCP account to Prisma Cloud Create a new Alert Rule for AWS in Prisma Cloud Add AWS Security Hub to Prisma Cloud Create a custom policy for an Account Group

Add AWS Security Hub to Prisma Cloud

What is the effect for the default runtime rule? Block Prevent Disabled Alert

Alert

What dashboard provides a snapshot of the current state of all cloud resources or assets that you are monitoring with Prisma Cloud?

Asset Inventory Dashboard

Which element in RQL is used to narrow the scope of the search? operators expressions attributes conjunctions

Attributes

Which two tabs are used to configure Access Control? (Choose two.) Authentication Network Controls File Uploads User Authorization

Authentication User Authorization

Name 4 Key Differentiators between Prisma Cloud and competitors

Auto Remediation Unified view for multi cloud environment Visualize cloud environments with Radar Merged CSPM and CWPP provide more value

Which two requirements does a new alert rule need to fulfill to support Automated Remediation? (Choose two.) Automated Remediation is enabled for the Alert Rule. The resource triggering the alert has remediation enabled. The policies in the alert rule include the required CLI commands for remediation. The cloud account is public and not private.

Automated Remediation is enabled for the Alert Rule. The policies in the alert rule include the required CLI commands for remediation.

Which two requirements does a new alert rule need to support Automated Remediation (Choose two)? Automated Remediation is enabled for the Alert Rule. The resource triggering the alert has remediation enabled. The policies in the alert rule include the required CLI commands for remediation. The cloud account is public and not private.

Automated Remediation is enabled for the Alert Rule. The policies in the alert rule include the required CLI commands for remediation.

Which action enables you to cloak sensitive data? A. Data Pattern Masking B. Snippet Masking C. Data Profile Masking D. Snippet Disabling

B. Snippet Masking

Prisma Cloud Data Security combines the power of which two Palo Alto Networks products to discover and protect data in public cloud environments? (Choose two.) A. Prisma SaaS B. Wildfire C. Palo Alto Networks DLP D. Autofocus

B. Wildfire C. Palo Alto Networks DLP

What are the four built-in data profiles that Palo Alto Networks Enterprise DLP provides with the integration of Prisma Cloud Data Security? (Choose four.) A. assets B. healthcare C. PII D. employment E. financial information F. intellectual property

B. healthcare C. PII E. financial information F. intellectual property

Which two types of protections are offered by WAAS? (Choose two.) duplicate web address malformed request spoofed MAC address brute force

Brute Force Malformed Request

Which two methods can be used to manage cost when using Prisma Cloud Data Security? (Choose two.) Enable CloudTrail for Read-and-Write events Bucket lifecycle policy of one-month TTL Select only buckets that require scanning Disable client-side rate throttling

Bucket lifecycle policy of one-month TTL Select only buckets that require scanning

.Which RQL query will produce a custom report that lists the S3 buckets accessible to the public through bucket ACLs? a. config where api.name='aws-s3api-get-bucket-acl' AND cli.rule="(acl.grants[?(@.grantee=='AllUsers')] size > 0)" b. config where api.name='aws-s3api-get-bucket-nsg' AND json.rule="(acl.grants[?(@.grantee=='AllUsers')] size > 0)" c. config where api.name='aws-s3api-get-bucket-acl' AND json.rule="(acl.grants[?(@.grantee=='AllUsers')] size > 0)" d. config where api.name='aws-s3api-get-bucket-acl' AND python.rule="(acl.grants[?(@.grantee=='AllUsers')] size > 0)"

C

After an image is removed from a registry, the scan results are purged after which period has elapsed? a. 12 hours b. 24 hours c. 30 days d. 60 days

C - 30 Days

Which tool would be useful for performing a bulk upload of cloud accounts? CLI Tool API Import Library GitHub Postman

CLI Tool

Which two limitations exist when RQL is used? (Choose two.) The scope of the query is based on all cloud accounts. Can't join config, event, and network queries together. Not all operators can be used in array brackets. Resources that have been created in the past can never be included in a search.

Can't join config, event, and network queries together. Not all operators can be used in array brackets.

What are two Alert Disposition options for Prisma Cloud? (Choose two.) a. Conservative b. Progressive c. Aggressive d. Medium

Conservative and Agressive Third type is Moderate

Which component needs to be installed first when deploying Prisma Cloud Compute? Console Defender twistcli Jenkins plugin

Console

Which component needs to be upgraded first when upgrading Prisma Cloud Compute? Defender Jenkins plugin twistcli Console

Console

Which two security guardrails are built into Defender? (Choose two.) Console and Defender do not trust each other. Defender deployment includes a self-healing capability. Defenders incorporate an automatic shutdown feature. Risk is limited to the system where Defender is deployed.

Console and Defender do not trust each other. Risk is limited to the system where Defender is deployed.

Which two elements are evaluated together to define a resultant policy? (Choose two.) WildFire Container model Intelligence stream Runtime rules

Container model Runtime rules

Which Palo Alto Networks product can be natively integrated with Prisma Cloud? Strata DLP Security Cortex XSOAR Prisma SD-WAN Prisma SaaS

Cortex XSOAR

When enabling SSO on Prisma Cloud, what is recommended to prevent SSO lockout? Enable SSH with root access to Prisma Cloud. Create System Admin level users that are excluded from SSO login. Create a back door to the Prisma Cloud console. Create policy that allows unlimited SSO login attempts for administrator accounts.

Create System Admin level users that are excluded from SSO login.

How do you deploy a CNAF for a host?

Create a new rule and specify a host

How do you deploy CNAF for a containerized web app?

Create a new rule, specify the image name, and declare the ports where CNAF listens.

Which two severity levels are supported in vulnerability rules? (Choose two.) Critical Major Medium Highest

Critical Medium

Which Data Dashboard widget shows you the top five publicly exposed objects for the Financial Information, Healthcare, PII, and Intellectual Property data profiles? A. Total Buckets B. Total Objects C. Top Data Policy Violations D. Top Publicly Exposed Objects by Profile

D. Top Publicly Exposed Objects by Profile

Which is the best method to use when grouping clauses in RQL? commutative law associative law De Morgan's laws basic laws of algebra

De Morgan's laws

What are considered workloads on GCP?

GCEs, Cloud SQL

Which two issues with a resource may result in an alert not being generated? (Choose two.) Deleted Not configured Classified Archived

Deleted Not configured

WAAS enhances WAF protection by using which two methods? (Choose two.) inspecting traffic at Layer 3 inspecting internal (east-west) traffic deploying closer to the application using the Intelligence Stream to identify rogue apps

Deploying closer to the application Inspecting internal East-West traffic

When Prisma Cloud detects an outgoing connection that deviates from your runtime policy, Prisma Cloud Defender can take action. What are the 3 modes networking rules can put defender in?

Disable: Defender does not provide any networking protection. Alert: Defender raises alerts when targeted resources establish connections that violate your runtime policy. Block: Defender stops the container if it establishes a connection that violates your runtime policy. The options for "Explicitly allowed" and "Explicitly denied" let you customize the runtime models for known good and known bad network connections

Alerts can be in which two states? (Choose two) Dismissed Closed Resolved Unresolved

Dismissed Resolved

What are considered workloads on AWS?

EC2, RDS, ELB, Redshift, NAT Gateway

Which two steps are a part of WAAS rule creation? (Choose two.) Enable image scanner. Enable desired protections. Define rule resource. Define malware protections.

Enable desired protections. Define rule resource.

Which operation is performed by Defender once installed? Spawn a database container to store events Establish a connection to console Place its own process in the whitelist for processes Open a connection to the cluster controller

Establish a connection to console

Which two types of queries does RQL support? (Choose two.) Policy Anomaly Event Network

Event Network

1. True or false? Serverless and containers are the same. a. true b. false

False

True or false? Models are the result of autonomous learning that Prisma Cloud performs when an image is developed. True False

False

True or false? Prisma Cloud by default and with no initial setup always will generate alerts. True False

False

True or false? RQL supports filtering an unlimited number of APIs using joins. True False

False

True or false? The Dataflow Admin role is required only if you need to troubleshoot issues with your Prisma Cloud account. true false

False

What can cause an empty object classification? File too large to scan Object has sensitive info File type has extension .pptx Object is encrypted

File too large to scan

What does Prisma Cloud technical support recommend as the best way to get support? Call the Palo Alto Networks main support number. From the Prisma LIVE Community page click Create a Support Case Now. Contact your SOC administrator. Contact the RedLock AI assistant for resolution of the issue.

From the Prisma LIVE Community page click Create a Support Case Now.

Which two requirements are needed to run container Defenders? (Choose two.) Full control over the host Bash shell script to start the Defender Run in the hosts network and process namespaces A socket connection to containers running on the host

Full control over the host Run in the hosts network and process namespaces

Which two assets are included in the Prisma Cloud Asset Inventory dashboard? (Choose 2) a. Regions b. Gateways c. Security Groups d. Compute Engine Instances

Gateways and Compute Engine Instances

Which development platform is used by support for storing scripts and code projects? Appian GitHub Mendix PowerApps

GitHub

Which item indicates the RQL syntax is correct? Green checkmark Red X Popup message Query executes

Green Checkmark

Which two remediation methods does Prisma Cloud support? (Choose two.) guided scheduled manual compliant

Guided Manual

WAAS protects application using which two protocols? (Choose two.) SSH HTTPS FTP HTTP

HTTP HTTPS

Which two settings are included in an endpoint configuration? (Choose two.) HTTP Host Scan Interval Mode Path

HTTP Host Path

Which two pieces of information are returned by the command redlock-cli ping? (Choose two.) HTTP response code response metadata API response code response payload

HTTP response code response payload

Which data classifications are supported by Prisma Cloud Data Security? (Choose two.) Healthcare Sensitive PII Corporate Information

Healthcare PII

Which two tabs are supported for View Logs? (Choose two.) History Audit Console Recent

History Console

Which type of ingest data is provided by third-party integrations? host vulnerability network traffic audit log resource lifecycle

Host Vulnerability

Which two steps are required for guided remediation? (Choose two.) Obtain the necessary steps for remediation from the admin guide. Hover the pointer over the violating resource and select Remediate. Follow the remediation steps in the Quick Start Checklist. Click Execute Command to invoke remediation.

Hover the pointer over the violating resource and select Remediate. Click Execute Command to invoke remediation.

What hypervisors can run the Prisma Cloud Console?

Hyper-V VMWare Virtualbox

Every API call requires which two values? (Choose two.) IP address or hostname region cloud account version

IP address or hostname version

Which action is supported for compliance checks? Prevent Ignore Allow Suspend

Ignore

Which navigation path would display data in the image's docker layers? Image > Risk summary > Image details > Layers Image > Risk summary > Vulnerabilities > Layers Image > Risk summary > Runtime > Layers Image > Environment > Vulnerabilities > Layers

Image > Risk summary > Vulnerabilities > Layers

When adding ServiceNow to Prisma Cloud, which two service types can be configured into the integration? (Choose two.) Incident Mode Event Status

Incident Event

Which RQL component supports queries of data from multiple APIs? operators attributes conjunctions joins

JOINS

Which data format is used for resource config metadata in Prisma Cloud? JSON YAML XML CSV

JSON

Which data format is used when exported forensics data events? JSON CSV XML Plain text

JSON

Which format is used by Prisma Cloud to ingest data and update events? XML YAML JSON Text

JSON

Which format is used by Prisma Cloud to ingest data and update events? XML YAML JSON Text

JSON

Which runtime environment is required for running the interactive CLI tool on your local system? Python Perl JavaScript Ruby

Javascript

Which two alert providers are supported in Compute console? (Choose two.) JIRA Splunk Webhook Amazon SQS

Jira Webhook

Jira is not receiving alert messages from Prisma Cloud. What is most likely the cause? Prisma Cloud default policies do not send messages to Jira services. The Jira firewall is blocking incoming SNMP messages. Jira is configured with the incorrect Prisma Cloud URL for the region. Jira message threshold limit has been reached.

Jira is configured with the incorrect Prisma Cloud URL for the region.

Which two CIS benchmarks are included in Prisma Cloud compliance checks? (Choose two.) OpenLDAP Kubernetes Docker VMware server

Kubernetes Docker

On which support page can you create a support ticket? LIVEcommunity Tech Docs Knowledge Base Prisma Cloud Console

LIVEcommunity

What layer of the OSI model does the CNNF run?

Layer 4

For which duration does Prisma Cloud Enterprise DLP store objects? Less than 24 hours Less than 2 days 14 days 10 years

Less than 24 hours

Which two data fields are included in console debug logs? (Choose two.) Level Resolved Last Modified Urgency

Level Last Modified

What are considered workloads on Azure?

Load Balancers, SQL Databases, VM's

Which permission is required on Qualys when integrating with Prisma Cloud? Manager role User Agent role Auditor role Administrator role

Manager role

Which two methods does Prisma Cloud support for adding an AWS account? (Choose two.) Manual Recursive Automated Scheduled

Manual Automated

Which two methods can be used to configure API protections? (Choose two.) manual import a collection file import an OpenAPI or Swagger file API discovery

Manual Import an OpenAPI or Swagger File

You are adding a new AWS account to Prisma Cloud and want to make sure you can perform the automatic remediation function in the event of an alert. Which setting allows automatic remediation? Mode - Monitor Mode - Monitor & Protect Mode - Alert Rule Mode - Auto Remediation

Mode - Monitor and Protect

Which onboarding mode is supported by the Data Security module? Monitor and Protect Remediate Monitor Primary

Monitor

True or false? Prisma Cloud scans all images on hosts that run Defender. True False

True

Which two settings are required to configure a Collection? (Choose two.) Owner Name Description Filters

Name Filters

Which two filter options are available in the Containers view of Radar? (Choose two.) Regions Namespaces Severity threshold Cloud Provider

Namespaces Severity threshold

What step is required to add a new user to Prisma Cloud Compute Edition? Navigate to Manage > Settings and click Users Navigate to Settings > Authenticate and click Users Navigate to Manage > Authenticate and click Users Navigate to Settings and click Users

Navigate to Manage > Settings and click Users

Which two steps are required to add a new Data Profile? (Choose two.) Navigate to the Data Profile Module Upload the Data Profile Choose a Data Pattern Navigate to Investigate > Data > Data Profiles

Navigate to the Data Profile Module Choose a Data Pattern

Which two methods can be used to enable the Data Security feature? (Choose two.) Navigate to the Help icon > What's New Navigate to Subscription > Learn More Navigate to Dashboard > Data Navigate to Settings > Data Security

Navigate to the Help icon > What's New Navigate to Dashboard > Data

Which two policy types are supported in Prisma Cloud? (Choose two.) User event Network Anomaly Resource

Network Anomaly

Which circumstance may add fields to an API call? More data is needed. New features are added to Prisma Cloud Compute. The call returns additional data. The call is repeated.

New features are added to Prisma Cloud Compute.

Which two limitations exist when Prisma Cloud SSO is used? (Choose two.) Only one IdP for each tenant IdP initiated not supported Must be IdP initiated Only one IdP for each account

Only one IdP for each tenant Must be IdP initiated

Prisma Cloud supports which two onboarding options when adding a GCP account? (Choose two.) Organization Region Availability Group Project

Organization Project

Which two types of object information are provided in the Object Explorer Details Panel? (Choose two.) Owner Zone Bucket name Cloud Provider

Owner Bucket name

What is a common problem experienced with a Prisma Cloud investigation? Emails are not being received for an alert. Amazon GuardDuty is not ingesting data from Prisma Cloud. Simple queries delay the real-time ingestion of VPC flow logs. Permissions have changed.

Permissions have changed.

Which identity provider does Palo Alto Networks SSO support Ping Identity Google OneLogin Auth

Ping

Which two types of information does the network connection arrow provide in Radar? IP addresses Ports Direction Bitrate

Ports Direction

Which application can be used for accessing the REST API? Postman Mailman API Boss Call Maker

Postman

Which Windows-based application is required to execute Prisma Cloud CLI commands? PowerShell Microsoft Edge PuTTY WinSCP

Powershell

What are the 3 types of Prisma Cloud licensing editions?

Prisma Cloud Business Edition - SaaS, CSPM only Prisma Cloud Compute Edition - Self Hosted, CWPP only Prisma Cloud Enterprise Edition - SaaS, CSPM and CWPP

Which two user documents are on the Palo Alto Networks technical documentation website? (Choose two.) Prisma Cloud Compute Shift-Left Security Guide Prisma Cloud Compute Optimization Guide Prisma Cloud Compute Operationalize Guide Prisma Cloud Administrator's Guide (Compute)

Prisma Cloud Compute Operationalize Guide Prisma Cloud Administrator's Guide (Compute)

Which container orchestrator supports service account monitoring? Docker Swarm Apache Mesos Red Hat OpenShift Azure Service Fabric

Red Hat OpenShift

API calls are grouped into which two categories? (Choose two.) Indexing Rebooting Reporting Config as a code

Reporting Config as a code

What are the three primary optimization steps in Prisma Cloud? (Choose three.) Review Dashboards. Review user identity permissions. Configure external alert notifications. Investigate issues. Remediate alerts.

Review Dashboards. Investigate issues. Remediate alerts.

Which information is required for adding an Alibaba account in Prisma Cloud? RAM Role Admin Role Role ARN RAM permissions

Role ARN

Which two settings does Prisma Cloud use for RBAC? (Choose two.) Roles Permissions Organizations Account Groups

Roles Account Groups

Which level of onboarding is supported when adding an OCI account to Prisma Cloud? Root (tenancy) level Subscription level Availability Zone level Compartment level

Root (tenancy) level

When an outbound integration is set up, which two alert rule types can be configured to send alert messages? (Choose two.) Run Build POST GET

Run Build

Which protocol is used to support single sign-on for the Prisma Cloud Enterprise Edition? OpenID SAML OAuth LDAP

SAML

Which two OWASP documented attacks are protected by a serverless WAAS rule? (Choose two.) insecure deserialization broken authentication SQL injection attack cross-site scripting attack

SQL injection attack cross-site scripting attack

Prisma Cloud Compute supports which two deployments? (Choose two.) Mac OS version Windows version SaaS version self-hosted

SaaS version self-hosted

Which method of scanning is used by Forward Scan? Scan all existing objects Scan files that have known vulnerabilities Scan objects for specific users Scan all new files added or edited

Scan all new files added or edited

Which two settings are configured when defining a new custom policy for data? (Choose two.) Select a data profile Select the data patterns Select a file exposure value Select the WildFire scan interval

Select a data profile Select a file exposure value

Which two object classification types are supported in Prisma Cloud Data Security? (Choose two.) vulnerable sensitive empty malware

Sensitive Empty

Which two types of information are displayed by Data Inventory Data cards? (Choose two.) Sensitive Objects Encrypted Buckets Risky Objects Public Buckets

Sensitive Objects Public Buckets

Alerts can be in which two states? (Choose two.) Snoozed Deferred Unresolved Dismissed

Snoozed Dismissed

Which Prisma Cloud role is required to enable programmatic access to the REST APIs in Prisma Cloud? System Admin Cloud Provisioning Admin Account Group Admin Account and Cloud Provisioning Admin

System Admin

Which permission group role is used to provide full control in Prisma Cloud? System Admin Account Group Read Only Cloud Provisioning Admin Account Group Admin

System Admin

Which role in the Prisma Cloud Enterprise Edition is required to access the Compute Console web interface? Account Group Admin System Admin Build and Deploy Security Cloud Provisioning Admin

System Admin

Which two platforms support inbound integration? (Choose two.) Select All Correct Responses Tenable.io Splunk Jira Qualys

Tenable.io Qualys

Prisma Cloud supports which automated method for adding an Azure account? CloudFormation Terraform XML JSON

Terraform

Which tool can be used to automate steps when adding an Azure cloud account? Pulumi Terraform Starsheep Ansible

Terraform

What 4 Infrastructure as Code (IaC) types can Prisma Cloud scan?

Terraform Cloudformation Templates Kubernetes Manifests Helm Charts

True or false? RQL can be used to investigate an alert. True False

True

An administrator recently onboarded an AWS account, and they see a red status indicator next to Flow Logs. Which configuration is most likely the problem? The administrator did not enable AWS Inspector on the AWS account. The administrator did not enable Prisma Cloud Data Security when setting up the AWS account. The administrator did not set up CloudWatch logs on the AWS account. The administrator did not set up a NAT Gateway for Prisma Cloud to ingest logs.

The administrator did not set up CloudWatch logs on the AWS account.

True or false? Roll-up charts show overall compliance ratios. True False

True

True or false? The Data Inventory page provides information on the number of S3 storage buckets being monitored and summary data cards that provide status on how objects are exposed: public, sensitive, or malware.

True

True or false? The json.rule attribute is used to filter the JSON configuration for a resource. True False

True

What is most likely the cause of a red status indicator for an external integration? One or more templates associated with the integration are invalid. SSO authentication is expired. The integration fails validation checks for accessibility or credentials. The link is down between Prisma Cloud and the externally connected service.

The integration fails validation checks for accessibility or credentials.

What is a major benefit of having the IAM Security module integrated into the Prisma Cloud platform? The module can leverage platform features like the dashboard, alerts, and remediation. The module covers all high-risk IAM use cases. The cloud providers do not have their own IAM security services. IAM security is the next rapidly growing area in cloud security.

The module can leverage platform features like the dashboard, alerts, and remediation.

What is the most likely cause of not receiving an alert in Prisma Cloud? An RQL query was not properly configured with the proper syntax to receive an alert. An alert rule was not configured in Prisma Cloud to receive an alert. The resource does not exist on the cloud provider. The cloud provider did not generate the alert and send it to Prisma Cloud.

The resource does not exist on the cloud provider.

True or False? Prisma Cloud Data Security uses the Wildfire service to detect known and unknown malware in these objects? True or False?

True

CLI commands that are copied to the clipboard can be used in which two ways? (Choose two.) They can be manually executed at the command line for the cloud account to resolve the security violation They can then be executed in Prisma Cloud to remediate a security violation They can be used to define a new policy that includes remediation They can be used to automatically generate a Python script that will remediate the alert

They can be manually executed at the command line for the cloud account to resolve the security violation They can be used to define a new policy that includes remediation

Why are IdP-authenticated users potentially risky from an IAM security standpoint? There may be multiple IdPs providing authentication. IdP authentication tokens may be compromised. They are authenticated by a third party. They may have permissions that override internally set permissions.

They may have permissions that override internally set permissions.

True or False? Prisma Cloud supports two methods for integration data flow—push and pull. false true

True

True or False? The Prisma Cloud Terraform provider can be used for bulk, automated on-boarding of cloud accounts. true false

True

Jira is included in which category of external integrations? Collaboration Vulnerability Ticketing Cloud Native

Ticketing

Which views are supported for monitoring WAAS events? (Choose two.) timeline top ten list tabular pie chart

Timeline Tabular

Which two charts are supported from the Dashboard? (Choose two.) Top Cloud Account Violations Resource Risk Exposure Top Internet Connected Resources Alerts by Severity

Top Internet Connected Resources Alerts by Severity

Which two widgets are included in the Data Dashboard? (Choose two.) Total Buckets Total Object Owners Top Exposed Objects by Bucket Data Alerts by Severity

Total Buckets Data Alerts by Severity

Which two features are provided on the Vulnerability Explorer page? (Choose two.) Remediate button Trend charts Top critical vulnerabilities Download to a PDF file

Trend charts Top critical vulnerabilities

1. True or false? Prisma Cloud protects your containers by combining static analysis of an image with runtime analysis of the container.

True

Which data is provided by the Compliance Score? Cloud accounts that are passing or failing Score based on the cloud accounts with the fewest policy violations Score based on the compliance posture for your cloud accounts Unique resources that are passing or failing

Unique resources that are passing or failing

Which two best practices are applicable to RQL expressions? (Choose two.) Use double quotes to enclose filters. Use parentheses for clean queries. Use double quotes to enclose your entire expression. Use single quotes to enclose filters.

Use double quotes to enclose filters. Use parentheses for clean queries.

Which two methods can be used to troubleshoot an RQL expression? (Choose two.) Use CloudFormation templates to construct JSON rules for the query. Use the auto-suggest drop-down list for valid query syntax. Use values for your deployed resources. Use query elements that include quotes, spaces, and special characters.

Use the auto-suggest drop-down list for valid query syntax. Use values for your deployed resources.

Which step is a part of manual remediation? View the CLI commands for remediation. View the alarm from your cloud account console. View the alarm and select the remediate button. View the recommended steps for remediation.

View the recommended steps for remediation.

Which action resolves an alert? When the user logs in to their public cloud account and closes the alert When the user clicks the Remediate button for an open alert When the alert times out in Prisma Cloud When the system admin selects the Apply CLI Commands button

When the user clicks the Remediate button for an open alert

Which external integration can be used if your application is not natively supported on Prisma Cloud? Webhook GitHub Dropbox Internet Relay Chat

Webhook

Which service can be used to integrate with third-party platforms when receiving outbound notifications that are not supported out-of-the-box by Prisma Cloud? SNMP file transfer syslog Webhooks

Webhooks

What are three important IAM governance questions that the out-of-the-box policies might answer? (Choose three.) What are all the public resources? Where are the cross-account connections? Which entities have risky permissions? Which roles have recently had permission changes? Which users are no longer with the organization?

What are all the public resources? Where are the cross-account connections? Which entities have risky permissions?

After files are ingested and data is cached, the files are sent to which two Palo Alto Networks products for object classification and a malware verdict? (Choose two.) AutoFocus WildFire Cortex XDR Enterprise DLP

WildFire Enterprise DLP

Which data is provided by the Connections from the Internet Geography chart? Risk ratings User activities Workload types Cloud accounts

Workload Types

Which third-party application can be installed as a Chrome extension to make API calls to Prisma Cloud? YARC REST GitHub Postman

YARC

Which two functions are supported in RQL? (Choose two.) Select All Correct Responses _User.inCloudAccount _DateTime _IpAddress.inRange _CloudAccount.inAWS

_DateTime _IpAddress.inRange

When setting up an alert rule for an outbound integration, what is required to support automatic remediation? a policy that supports automatic remediation automatic remediation permissions on the Prisma Cloud role Webhook with automatic remediation a REST API with an automatic remediation call function

a policy that supports automatic remediation

Which setting is the default for Prisma Cloud backups? off automatic on demand as needed

automatic

Which two methods can be used to resolve alerts? (Choose two) automatically by configuring Automated Remediation in the alert rule selecting Automated Remediation in the Enterprise settings accessing the public cloud account and executing the necessary CLI commands selecting the alert and then clicking the resource button

automatically by configuring Automated Remediation in the alert rule accessing the public cloud account and executing the necessary CLI commands

Jenkins is an example of which type of platform? IDE for code development tool for visibility into the CI/CD pipeline tool for finding errors on code automation server for code development

automation server for code development

What are two different methods for accessing images in the cloud registry? (Choose two.) a. MFA b. Basic Authorization c. URL Authorization d. Biometrics

b. Basic Authorization c. URL Authorization

Microsegmentation of microservices can be deployed with which of the following? a. NGFW b. CN series c. VM-series d. all of the above

b. CN series

Which of the following statements reflects the Prisma Cloud Functionality of Network Security? a. Prisma Cloud is the only solution in the market that provides continuous monitoring of security misconfigurations consistently across clouds and throughout the application lifecycle. b. Prisma Cloud is the only solution in the industry that offers critical network security requirements across cloud providers. c. Prisma Cloud empowers customers to gain a deeper understanding of their cloud environments by leveraging native cloud provider APIs and continuously analyzing all cloud assets for changes. d. Prisma Cloud provides consistent data classification for cloud storage services across cloud providers. With 300+ data profiles, it is able to provide policy controls over commonly found data patterns and ensures that customers meet their compliance requirements

b. Prisma Cloud is the only solution in the industry that offers critical network security requirements across cloud providers.

Which two sections are part of the Asset Inventory dashboard? (Choose two.) a. Compliance Coverage b. Resource Summary c. Compliance Standard Table d. Asset Trend

b. Resource Summary d. Asset Trend

What are the Deployment Options available in Prisma Cloud? (Choose two.) a. IaaS Architecture in Prisma Cloud Compute Edition b. SaaS Architecture in Prisma Cloud Enterprise Edition c. Self-Hosted Architecture in Prisma Cloud Compute Edition d. PaaS Architecture in Prisma Cloud Enterprise Edition

b. SaaS Architecture in Prisma Cloud Enterprise Edition c. Self-Hosted Architecture in Prisma Cloud Compute Edition

Which is used in Prisma Cloud for setting the baseline for the machine learning (ML) models ? a. Relearning b. Training Model Threshold c. Learning d. all of the above

b. Training Model Threshold

Which option is a service that enables customers to connect their Amazon Virtual Private Clouds (VPCs) and their on-premises networks to a single gateway? a. Proxy Gateway b. Transit Gateway c. VPC Gateway d. VM Series Firewall

b. Transit Gateway

1. Which statement describes how Prisma Cloud can help with DevSecOps enablement? a. With Prisma Cloud, you can monitor compliance posture in real time and generate auditready reports with a single click. b. With Prisma Cloud, you can seamlessly implement security guardrails that provide control and prevent vulnerabilities and insecure config issues from progressing forward. c. Prisma Cloud enforces least privilege microsegmentation policies based on auto-learned network traffic flows. d. Prisma Cloud dynamically discovers new resources as soon as they are deployed in the cloud and tracks historical changes for auditing purposes.

b. With Prisma Cloud, you can seamlessly implement security guardrails that provide control and prevent vulnerabilities and insecure config issues from progressing forward.

What is the purpose of the PAN-CNI plug-in? a. manages the licenses for the CN-Series firewall b. allocation of network interfaces on every pod c. managing the configuration and licensing of the containerized firewalls d. activate the auth code and retrieve the specified number of tokens

b. allocation of network interfaces on every pod

What are two main types of integration available with Prisma Cloud? (Choose two.) a. egress b. inbound c. ingress d. outbound

b. inbound d. outbound

What are two benefits of segmentation strategy? (Choose two.) a. define different zones b. more granular access control to data center resources c. better visibility into traffic d. create VLAN

b. more granular access control to data center resources c. better visibility into traffic

What command is used to swap eth0 eth1. Eth0 becomes a data interface and eth1 becomes the management interface ? a. set system setting mgmt.-swap enable no b. set system setting mgmt.-swap enable yes c. request plugin vm_series aws gwib inspect enable yes d. request plugin vm_series aws gwib inspect enable no

b. set system setting mgmt.-swap enable yes

Which two types of timestamps are included in the image vulnerability scan? (Choose two.) CI server pull discovery date creation date published date

discovery date published date

Which component must be installed to support twistcli image scanning? PowerShell dynamic link library docker engine Bash shell

docker engine

When Prisma Cloud is operationalized, at which phase do we perform vulnerability management? a. learn b. plan c. deploy d. observe e. operationalize f. maintenance and operations

e. operationalize

Which query is used to detect non-automated activities from specific IP addresses? event from config from cloud from network from

event from

Prisma Cloud supports which two query types? (Choose two.) Select All Correct Responses cloud fromSQL event from threat from network from

event from network from

Which RQL query will locate events for Bruteforce Login attempts? event from cloud.audit_logs where anomaly.type = 'Bruteforce Login' event from iam where anomaly.type = 'Bruteforce Login' event from cloud.resource where anomaly.type = 'Bruteforce Login' event from vpc.flow_record where anomaly.type = 'Bruteforce Login'

event from cloud.audit_logs where anomaly.type = 'Bruteforce Login'

Which two operations can be performed using the interactive CLI tool? (Choose two.) download your Access Key and Secret Key fetch alerts and policies bulk onboard of cloud accounts access your public cloud account command shell

fetch alerts and policies bulk onboard of cloud accounts

Which three options are reasons why complexity and scale are considered major cloud security challenges? (Choose three.) large number of users and compute instances public access increasing use of APIs cross-account visibility lack of control of IdP authentication

large number of users and compute instances public access cross-account visibility

Which two methods are used when installing Defenders on Windows Server? (Choose two.) runs as a Windows service installed using an MSI file installed using a PowerShell script deployed as a Daemon service

runs as a Windows service installed using a PowerShell script

Which RQL expression applies the correct syntax? json.rule = (document.Statement[*].Action anyStartWith s3:' AND 'document.Statement[*]. Effect == "Allow") json.rule = (document.Statement[*].Action anyStartWith s3:' And 'document.Statement[*]. Effect == "Allow") json.rule = (document.Statement[*].Action any start with s3:) and (document.Statement[*]. Effect == "Allow") json.rule = (document.Statement[*].Action any start with s3:) + (document.Statement[*]. Effect == "Allow")

json.rule = (document.Statement[*].Action any start with s3:) and (document.Statement[*]. Effect == "Allow")

What are the three main cloud security challenges? (Choose three.) lack of visibility complexity and scale excessive users with super admin privileges phishing attacks lack of governance

lack of visibility complexity and scale lack of governance

Which attribute is provided by Collections? add resources to a specific bucket limit views to specific sets of resources combine multiple consoles in a single web interface combine container clusters into a single view

limit views to specific sets of resources

Which two principal object types does runtime defense incorporate? (Choose two.) models actions rules filters

models rules

Which RQL network query will locate resources where the destination port matches port 22? network from vpc.flow_record where source.port = 22 network from vpc.flow_record where dest.port = 22 network from vpc.flow_record where dest.ip = 22 network from vpc.flow_record where source.ip = 22

network from vpc.flow_record where dest.port = 22

Which version should you apply first when you upgrade Prisma Cloud Compute Console? next version update targeted version next major version update any higher version

next major version update

Which two optionally collected events can be enabled for forensic data? (Choose two.) on-demand network connection snapshots ongoing network firewall monitoring ongoing network collection logging network packet sniffer data

on-demand network connection snapshots ongoing network collection logging

What is the function of the grace period in a vulnerability rule? override the blocking action of a rule override logging the rule violation disable the rule suspend the rule during peak loads

override the blocking action of a rule

Which two categories of exposure are supported in Prisma Cloud Data Security? (Choose two.) sensitive public internet conditional

public conditional

Which information is provided by the Intelligence Stream? machine learning analysis real-time threat feed developer product updates data filter logging

real-time threat feed

What is the CVE system used for? whitelist for images that are safe to deploy rank vulnerabilities by severity reference publicly known vulnerabilities repository for downloading vulnerability fixes

reference publicly known vulnerabilities

Which capability does Trusted images provide? compliance check that discovers images you can trust security control that lets you declare which registries you trust compliance rule that remediates untrusted images security control that lets you configure trusted users

security control that lets you declare which registries you trust

Which two operations are performed by Defenders? (Choose two.) reboot the host when malware is detected send suspicious files to the console for analysis send event data to the Console enforce policies defined in the Console

send event data to the Console enforce policies defined in the Console

Scanned content that is classified under Financial Information, Healthcare, PII, or Intellectual Property is considered as which type of data? private sensitive confidential empty

sensitive

Which two filtering options are built into the Containers view of Radar? (Choose two.) severity threshold CI/CD pipeline data center namespaces

severity threshold namespaces

Defenders are deployed to which two environments? (Choose two.) to your workloads to your cloud databases to your CI/CD pipeline to your VPC resources

to your VPC resources to your workloads

Defenders are deployed to which two environments? (Choose two.) to your workloads to your cloud databases to your CI/CD pipeline to your VPC resources

to your workloads to your CI/CD pipeline

True or False? A failure to ingest Amazon Inspector data is most likely due to Amazon Inspector not being enabled on the AWS account or the Prisma Cloud role not having the required permissions for Amazon Inspector. false true

true

True or false? You can use an RQL Query expression to create a custom policy. True False

true

The LIVEcommunity page supports which two features? (Choose two.) contests downloads videos discussions

videos discussions

Which two data category links are available from the Risk summary tab in the Node Details panel? (Choose two.) package info vulnerabilities runtime processes

vulnerabilities runtime

What is the most important factor used when determining the risk score? vulnerability severity open ingress ports available exploit privilege of the container

vulnerability severity

What steps are included in the cybersecurity kill chain? reconnaissance, phishing, and spoofing exploitation, installation, and crypto mining delivery, blocking, and data leaks weaponization, exploitation, and command and control

weaponization, exploitation, and command and control

In Prisma Cloud, which tool secures web applications by inspecting and filtering Layer 7 traffic to and from the application? cloud native network firewall (CNNF) web application and API security (WAAS) run-time application self-protection (RASP) web application firewall (WAF)

web application and API security (WAAS)

Which two backup intervals are supported in the Console? (Choose two.) weekly hourly daily biweekly

weekly daily

Which two options does IAM Security target to improve governance? (Choose two.) the cross-account risks what machines and users can do where the resources are located the usage of machines and users

what machines and users can do the usage of machines and users

When are alerts triggered? when new user activity occurs on your system when the rules that comprise your policy are violated when a user enters an incorrect password when vulnerability thresholds are exceeded

when the rules that comprise your policy are violated

Prisma Cloud has discrete checks that cover which two options? (Choose two.) a. clusters b. images c. hypervisors d. VM operating systems

A & B

Prisma Cloud can ingest configurations and data from which two public cloud providers? (Choose two.) a. Alibaba Cloud b. IBM Cloud c. Oracle Cloud d. Google Cloud Platform

A & D - Alibaba and Google. Oracle was recently added, but might not be on the test yet

Runtime audit events are detected by which two runtime sensors? (Choose two.) a. file system b. firewall event c. DNS call d. system call

A - File System & D - System Call

What does each color circle represent in the Radar view? Blue, Black, Globe

A blue circle means the container's model is still in learning mode. A black circle means the container's model is activated. A globe symbol indicates that a container can access the Internet.

Which two configuration build phase policies are available for Amazon Web Services? (Choose two.) a. AWS CloudTrail is Enabled in All Regions b. AWS Default Security Group restricts all traffic c. AWS CloudTrail bucket is publicly accessible d. AWS ElasticSearch Cluster Not in a VPC

c. AWS CloudTrail bucket is publicly accessible d. AWS ElasticSearch Cluster Not in a VPC

.What is the template type configured to for IaC scan to support AWS CloudFormation? a. TF b. K8S c. CFT d. ATF

c. CFT

Policies used for scanning IaC templates use which type of query? a. RQL config b. RQL network c. JSON d. SQL

c. JSON

Queries for Build Policy Subtypes are written in which file type? a. .bin b. .exe c. JSON d. CFT

c. JSON

Prisma Cloud integrates with which Jira product to receive alert notifications in Jira accounts? a. Jira Standard b. Jira Hub c. Jira Cloud d. Jira Enterprise

c. Jira Cloud

Which two Kubernetes policy subtypes are rated as high severity? (Choose two.) a. containers must be run as root b. do not allow sharing host PID namespace c. containers must not be run as root d. do not share host network with containers

c. containers must not be run as root d. do not share host network with containers

. Which AWS permission is required to perform ingestion? a. "aws-apigateway-get-apis" b. "aws-apigateway-rest-apis" c. "aws-apigateway-apis" d. "aws-apigateway-get-rest-apis"

d. "aws-apigateway-get-rest-apis"

What is the maximum number of hours that tokens for accessing the Prisma Cloud API are valid? a. 1 b. 8 c. 12 d. 24

d. 24

What is the maximum password similarity level allowed by Prisma Cloud? a. 39% b. 49% c. 59% d. 69%

d. 69%

Which is the highest Prisma Cloud risk rating, which requires immediate assessment? a. A b. 1 c. 10 d. F

d. F

Istio monitoring is available for which clusters? a. OpenView b. Docker Swarm c. Marathon d. OpenShift

d. OpenShift

Which service handles user management In Prisma Cloud Enterprise Edition? a. Active Directory b. OpenLDAP c. SAML d. Prisma Cloud app

d. Prisma Cloud app

Prisma Cloud Compute is offered in which deployment option? a. Air-gap environments only b. on-premises environments c. customer's VPC environments d. SaaS from Palo Alto Networks

d. SaaS from Palo Alto Networks

Why are failed resources more likely to be shown on the Compliance Dashboard rather than on the Asset Inventory? a. The Compliance Dashboard includes all registry and container assets ingested directly from the monitored cloud accounts. b. The Asset Inventory counts only foreign entities such as SSO. c. The Asset Inventory counts only Federated Users. d. The Compliance Dashboard includes foreign entities ingested directly from the monitored cloud accounts.

d. The Compliance Dashboard includes foreign entities ingested directly from the monitored cloud accounts.

When the Cloud Native Network Firewall (CNNF) is disabled, what happens with traffic flows? a. They are assumed valid and the environment is monitored for new connections. b. They bypass inspection by the CNN. c. They are modeled but not monitored. d. They are modeled and displayed in Radar.

d. They are modeled and displayed in Radar.

Prisma Cloud requires which API to enable data flow on Google Cloud Platform? a. netflow.google.com b. dataflow.google.com c. dataflow.vpc.google.com d. dataflow.googleapi.com

d. dataflow.googleapi.com

Which twistcli tool function retrieves threat data from the Prisma Cloud Intelligence Stream and pushes the updates to an air-gapped environment? a. serverless b. support c. images d. intelligence

d. intelligence

A DevOps User has which Action Level? a. run the Continuous Integration plugin b. read-write access to all rules and data c. full read-write access to all Prisma Cloud settings and data d. read-only access to vulnerability scan data

d. read-only access to vulnerability scan data

Which method do you use when adding comments to a Prisma Cloud eval support case? a. the Post tab in the SFDC console b. the New tab in the SFDC console c. the Post tab in the Case Comments section of the Customer Support Portal d. the New tab in the Case Comments section of the Customer Support Portal

d. the New tab in the Case Comments section of the Customer Support Portal

A networking rule can place a Defender in which mode? a. Deny b. Alarm c. Block d. Permit

C - Block

What are the Prisma Cloud Console hardware requirements (Metal)

<1000 Defenders - 4 vCPUs, 8 GB RAM, 100Gb Storage 1001-10000 Defenders - 8 vCPUs, 30GB RAM, 500Gb Storage

How does Radar indicate an internet-accessible container? a. blue circle b. black circle c. globe symbol d. star symbol

C - Globe

. Which two defender actions are disabled on Windows? (Choose two.) a. export b. scan c. install d. uninstall

C&D, Install/Uninstall

RBAC Roles For Compute Rank these roles in order of access CI User Operator Administrator Devops User Access User Defender Manager

Administrator Full read-write access to all Prisma Cloud settings and data Operator Read-write access to all rules and data. Read-only access to user and group management and role assignments. Defender Manager Read-only access to all rules and data. Can install and uninstall Prisma Cloud Defenders used for automating defender installs via Bearer Token or Basic Auth Auditor Read-only access to all Prisma Cloud rules and data DevOps User Read-only access to vulnerability scan data Access User Install personal certificates required for access to Defender protected nodes CI User Run the Continuous Integration plugin. No Prisma Cloud Console access.

CNNF?

Cloud Native Network Firewall

Which licensing use data can be obtained in CSV file format for a time period greater than three days? a. hourly usage data b. hourly licensed usage data c. daily licensed usage data d. quarterly licensed usage data

a. hourly usage data

What are the 3 types of RQL Queries?

Config: Use Config Query to search for the configuration of the cloud resources. Event: Use Event Query to search and audit all the console and API access events in your cloud environment. Network: Use Network Query to search real-time network events in your environment.

What are the 3 Custom Policy Types you can create?

Configuration Policy (Build and Run) Network Policies Audit Event Policies

What are the 4 types of defenders?

Container Defender Host Defender Serverless Defender RASP Defender

Which RQL query will produce a custom report that displays the number of AWS VPCs that do not have subnets when there are more than two VPCs? a. config where cloud.type = 'aws' AND api.name = 'aws-ec2-describe-vpc' as X; config where api.name = 'aws-ec2-describe-subnets' as Y; filter 'not $.X.vpcId equals $.Y.vpcId'; show X; count(X) > 2 b. config where cloud.type = 'aws' AND api.name = 'aws-ec2-describe-vpc' as X; config where api.name = 'aws-ec2-describe-subnets' as Y; filter 'not $.X.vpcId equals $.Y.vpcId'; show X; count(X) => 2 c. config where cloud.type = 'aws' AND api.name = 'aws-ec2-describe-vpcs' as X; config where api.name = 'aws-ec2-describe-subnets' as Y; filter 'not $.X.vpcId equals $.Y.vpcId'; show X; count(X) => 2 d. config where cloud.type = 'aws' AND api.name = 'aws-ec2-describe-vpcs' as X; config where api.name = 'aws-ec2-describe-subnets' as Y; filter 'not $.X.vpcId equals $.Y.vpcId'; show X; count(X) > 2

D

With Trusted Images enabled, which Prisma Cloud action happens if an untrusted image runs? a. The container is blocked from running. b. The container is removed from the registry. c. The container is re-imaged. d. An audit is created for the container running the untrusted image.

D - Audit is created

Arrange the colors by severity in the Radar Orange Green Red Dark Red

Dark Red - Highest risk Red - Severe vulnerabilities detected Orange - Medium vulnerabilities detected Green - No vulnerabilities

What effects are possible when a violation of runtime policies are found?

Disable: Defender doesn't provide any protection for processes. Alert: Defender raises alerts when it detects process activity that deviates from your defined runtime policy. These alerts are visible in Monitor > Events > Container Audits. Prevent: Defender stops the process (and just the process) that violates your policy from executing. This action of stopping a process is known as discrete blocking. Block: Defender stops the entire container if a process that violates your policy attempts to run.

Which two risk factors can be used in Vulnerability Explorer to prioritize individual vulnerabilities for mitigation? (Choose two.) a. DoS b. system call c. container is running as root d. running as non-privileged host

DoS and Container running as Root (A & C)

What orchestrators can support Prisma Cloud?

Docker Swarm Kubernetes Openshift Tanzu Application Service ECS EKS AKS GKE

What are considered workloads on Alibaba Cloud?

ECS's

Which two entities send and receive data to the Prisma Cloud console at build time to scan the image before images get pushed to the registry? (Choose two.) a. Jenkins b. Docker c. Kubernetes d. CI server

Jenkins and CI Server (A&D)

What are the types of Runtime Policies you can create?

IP Connectivity Detect Port Scanning Raw Sockets DNS Dangerous Domains Explicit Allow & Deny

Prisma Cloud provides out of the box reports on which 3 compliance standards? A. PCI B. HIPAA C. CIS D. EULA E. PAC

PCI, HIPAA, CIS

1. Prisma Cloud uses which two runtime rules? (Choose two.) a. networking-ingoing b. processes c. files d. networking-outgoing

Processes and Networking Outgoing (b & d) Not shown is "Filesystems"

What can Serverless Defender detect?

SQL Injection Cross-Site scripting Command injection Local file system inclusion Code injection

What authentications methods are supported for the Prisma Cloud Console?

Username/Password Lightweight directory access protocol (LDAP) Security Assertion Markup Language v2.0 (SAML2.0) X.509 smart cards

In Prisma Cloud Radar each node has a numeral in a circle ... what does it represent?

The number of containers on the node

At what hourly time interval does Prisma Cloud retrieve data from Tenable? a. 1 b. 6 c. 12 d. 24

a. 1

1. What is the maximum amount of time that models built by Prisma Cloud persist after they are archived? a. 24 hours b. 30 days c. 60 days d. 90 days

a. 24 hours

Serverless radar supports which provider's service offering? a. AWS Lambda b. AWS Fargate c. GCP serverless platform d. Azure Functions

a. AWS Lambda

Which option is a licensable workload for Prisma Cloud? a. AWS NAT Gateway b. GCP NAT Gateway c. Azure NAT Gateway d. AWS NAT Load Balancer Gateway

a. AWS NAT Gateway

Prisma Cloud can send alert notifications to which third-party tool? a. AWS Security Hub b. Firebase Cloud Messaging c. Azure Notifications Hubs d. Amazon SNS

a. AWS Security Hub

Which statement is a limitation of custom rules? a. Write operations to existing files are not prevented. b. Read operations to existing files are not prevented. c. Write permission changes to existing files are not prevented. d. Read permission changes to existing files are not prevented.

a. Write operations to existing files are not prevented.

Which hosts running Container Defender are seen as eight workloads? a. hosts that run containers b. hosts that don't run containers c. AWS Fargate containers d. Google Cloud Run containers

a. hosts that run containers

Prisma Cloud integrates with which AWS service for centralized visibility and compliance risks? a. AWS Fargate b. AWS Security Hub c. AWS Compliance Hub d. AWS Lambda

b. AWS Security Hub

Prisma Cloud integrates with which two threat intelligence feeds? (Choose two.) a. AWS ThreatFeed b. Facebook ThreatExchange c. ThreatConnect d. AutoFocus

b. Facebook ThreatExchange d. AutoFocus

Which two compliance standards are supported in AWS, Azure, and GCP? (Choose two.) a. SOC 1 b. GDPR c. CIS v1.2 d. PIPEDA

b. GDPR d. PIPEDA

What is an advantage of shift-left security? a. Security first is enabled at container runtime. b. Security is built into early development stages. c. Security is available after the first alert is generated. d. Security does not interact with CI/CD processes.

b. Security is built into early development stages.

Why is it a best practice to deploy Prisma Cloud to at least one environment other than production? a. The production environment is available only after a 30-day ingestion period, b. Upgrades and new rules could incapacitate the mission-critical production environment. c. Changes must first be enabled in the pre-production environment before they are rolled into the production environment. d. The container running Prisma Cloud needs a backup.

b. Upgrades and new rules could incapacitate the mission-critical production environment.

What defines a policy in Prisma Cloud? a. a group of alerts configured to send notifications b. a set of one or more constraints or conditions that must be adhered to c. a predefined NIST best practice d. default Prisma Cloud data that cannot be modified

b. a set of one or more constraints or conditions that must be

When Docker is used, who can bypass Defender and Prisma Cloud policies? a. anyone with administrator permissions for Prisma Cloud b. anyone with direct access to the Docker daemon c. anyone with direct Kubernetes access d. anyone with Docker administrator permissions

b. anyone with direct access to the Docker daemon

Prisma Cloud ingests which two APIs for Amazon Elastic Load Balancing? (Choose two.) a. aws-elb-define-load-balancers b. aws-elbv2-target-group c. aws-elb-describe-policies d. aws-elbv2-describe-load-balancers

b. aws-elbv2-target-group d. aws-elbv2-describe-load-balancers

Which two rule types are relevant to runtime? (Choose two.) a. services b. filesystem c. processes d. networking

b. filesystem c. processes

Which state can an alert return to after it has snoozed and the timer has expired? a. dismissed b. resolved c. active d. inactive

b. resolved

Which count does the Resource Summary in the Prisma Cloud Asset Inventory contain? a. total resource types b. total unique resources c. all assets in the Asset Explorer d. all assets in the Resource Explorer

b. total unique resources


Ensembles d'études connexes

SHS Biology -- Specialized Cells and Tissues

View Set

Unit 9: Social Media and the Work Force Part 1

View Set

CMN 140 - All the Quizlets I could find.

View Set

Chapter 7 Risk, Return, and the Capital Asset Pricing Model

View Set

CFA_L1_Assignment_94_Lesson 1: Balance Sheet: Components and Format

View Set

Blood Bank BOC (3 Physiology and Pathophysiology)

View Set

Compensation Test 1 Chapter 5 Class Notes

View Set

Micro Economics Ch 6 Q's and A's

View Set