PCCSE Practice Questions
258 real PCCSE exam questions with expert-verified answers and explanations. Page 1 of 6.
- Question #1Cloud Native Security
A security team has a requirement to ensure the environment is scanned for vulnerabilities. What are three options for configuring vulnerability policies? (Choose three.)
Vulnerability PoliciesPrisma CloudPolicy ConfigurationCloud Native Security - Question #2Data Security
Which three steps are involved in onboarding an account for Data Security? (Choose three.)
Data Security OnboardingCloudTrailS3 bucketCloud Logging - Question #3Container Security
A customer is reviewing Container audits, and an audit has identified a cryptominer attack. Which three options could have generated this audit? (Choose three.)
Container SecurityCryptomining DetectionRuntime ProtectionCloud Auditing - Question #4Cloud Native Security
An administrator wants to install the Defenders to a Kubernetes cluster. This cluster is running the console on the default service endpoint and will be exporting to YAML. - Consol...
Prisma Cloud DefenderKubernetes DeploymenttwistcliYAML Configuration - Question #5Cloud Compliance and Governance
The Prisma Cloud administrator has configured a new policy. Which steps should be used to assign this policy to a compliance standard?
Prisma Cloud PoliciesCompliance StandardsPolicy ManagementPrisma Cloud UI - Question #6Cloud Compliance and Governance
Given a default deployment of Console, a customer needs to identify the alerted compliance checks that are set by default. Where should the customer navigate in Console?
Prisma Cloud UI NavigationCompliance ManagementDefault Policies - Question #7Prisma Cloud Platform
What is an example of an outbound notification within Prisma Cloud?
Prisma CloudOutbound NotificationsIntegrationsAlerting - Question #8Prisma Cloud Platform
You are tasked with configuring a Prisma Cloud build policy for Terraform. What type of query is necessary to complete this policy?
Prisma Cloud Build PolicyIaC SecurityTerraformPolicy Query Language - Question #9Cloud Network Security
A customer does not want alerts to be generated from network traffic that originates from trusted internal networks. Which setting should you use to meet this customer's request?
Network SecurityAlert ManagementAnomaly DetectionTraffic Whitelisting - Question #10Prisma Cloud Platform
A business unit has acquired a company that has a very large AWS account footprint The plan is to immediately start onboarding the new company's AWS accounts into Prisma Cloud Ente...
Prisma Cloud APIAWS Account OnboardingCloud Account Management - Question #11Security Operations and Incident Response
How are the following categorized? - Backdoor account access - Hijacked processes - Lateral movement - Port scanning
Attack TechniquesCybersecurity IncidentsThreat DetectionIncident Response - Question #12Prisma Cloud Platform
A security team has been asked to create a custom policy. Which two methods can the team use to accomplish this goal? (Choose two )
Prisma Cloud PoliciesCustom Policy CreationPolicy ManagementOut-of-the-Box Policies - Question #13Prisma Cloud Platform
A Prisma Cloud administrator is onboarding a single GCP project to Prisma Cloud. Which two steps can be performed by the Terraform script? (Choose two.)
GCP OnboardingTerraformCloud Account SetupIAM - Question #14Prisma Cloud Platform
You are an existing customer of Prisma Cloud Enterprise. You want to onboard a public cloud account and immediately see all of the alerts associated with this account based off ALL...
Prisma Cloud OnboardingAccount GroupsPolicy ApplicationAlert Management - Question #15Prisma Cloud Platform
Which options show the steps are required to upgrade Console when using projects?
Console upgradePrisma Cloud architectureSupervisor ConsolesProject-based deployments - Question #16Security Operations and Incident Response
An organization wants to be notified immediately to any "High Seventy" alerts for the account group "Clinical Trials" via Slack. Which option shows the steps should the organizatio...
Slack IntegrationAlert NotificationSecurity Operations - Question #17Cloud Network Security
The Unusual protocol activity (Internal) network anomaly is generating too many alerts. An administrator has been asked to tune it to the option that will generate the least number...
Network Anomaly DetectionAlert TuningSecurity Policy ConfigurationNetwork Security Monitoring - Question #18Container Security
The development team wants to fail CI jobs where a specific CVE is contained within the image. How should the development team configure the pipeline or policy to produce this outc...
Container Image SecurityVulnerability ManagementCI/CD SecurityPrisma Cloud Policy - Question #19Cloud Native Security
A customer has Prisma Cloud Enterprise and host Defenders deployed What are two options that allow an administrator to upgrade Defenders? (Choose two )
Prisma Cloud DefenderDefender UpgradeHost SecurityPlatform Management - Question #20Container Security
An administrator has access to a Prisma Cloud Enterprise What are the steps to deploy a single container Defender on an ec2 node?
Prisma Cloud DefenderContainer Host SecurityEC2 DeploymentAgent Deployment - Question #21Container Security
The development team wants to block Cross Site Scripting attacks from pods its environment How should the team construct the CNAF policy to protect against this attack?
Container SecurityApplication SecurityCloud Native SecurityXSS Protection - Question #22Container Security
A security team is deploying Cloud Native Application Firewall (CNAF) on a containerized web application. The application is running an NGINX container. The container is listening...
CNAFContainer NetworkingPort MappingContainer Security - Question #23Container Security
An administrator sees that a runtime audit has been generated for a Container The audit message is DNS resolution of suspicious name wikipedia.com. type A". Why would this message...
Container Runtime ProtectionPrisma Cloud ModelsDNS Auditing - Question #24Data Security
Which three types of classifications are available in the Data Security module? (Choose three. )
Data Security ModuleData ClassificationSensitive DataMalware Detection - Question #25Prisma Cloud Platform
A customer finds that an open alert from the previous day has been resolved No auto- remediation was configured. Which two reasons explain this change in alert status? (Choose two...
Alert managementPrisma Cloud policiesResource lifecycleCloud security monitoring - Question #26Prisma Cloud Platform
What is the behavior of Defenders when the Console is unreachable during upgrades?
Defender behaviorConsole connectivityPolicy enforcementSystem resilience - Question #27Serverless Security
A customer has a requirement to automatically protect all Lambda functions with runtime protection. What is the process to automatically protect all the Lambda functions?
Serverless securityRuntime protectionAWS LambdaAutomated defense - Question #28Prisma Cloud Platform
You have onboarded a public cloud account into Prisma Cloud Enterprise Configuration Resource ingestion is visible in the Asset Inventory for the onboarded account, but no alerts a...
Prisma Cloud AlertsConfiguration SecurityPolicy ManagementTroubleshooting - Question #29Prisma Cloud Platform
Which statement is true regarding CloudFormation templates?
CloudFormation SecurityIaC Security ScanningAWS Security - Question #30Container Security
An administrator has deployed Console into a Kubernetes cluster running in AWS. The administrator also has configured a load balancer in TCP passthrough mode to listen on the same...
Prisma Cloud Compute ConsoleAPI AccessDefault Portstwistcli - Question #31Serverless Security
A customer has a requirement to scan serverless functions for vulnerabilities. Which three settings are required to configure serverless scanning? (Choose three )
Serverless SecurityVulnerability ScanningCloud Configuration - Question #32Container Security
Which step is included when configuring Kubernetes to use Prisma Cloud Compute as an admission controller?
Kubernetes SecurityAdmission ControllersPrisma Cloud ComputeContainer Configuration - Question #33Prisma Cloud Platform
A S3 bucket within AWS has generated an alert by violating the Prisma Cloud Default policy "AWS S3 buckets are accessible to public" The policy definition follows: config where clo...
Prisma Cloud PoliciesAWS S3 SecurityCloud Misconfiguration - Question #34Container Security
Which three Options are selectable in a CI policy for image scanning with Jenkins or twistcli? (Choose three.)
CI/CD SecurityContainer Image ScanningPrisma Cloud PoliciesVulnerability Management - Question #35Cloud Compliance and Governance
Drag and Drop Question Which order of steps map a policy to a custom compliance standard? (Drag the steps into the correct order of occurrence, from the first step to the last.) An...
Policy mappingCustom compliance standardCompliance managementPrisma Cloud Compliance - Question #36Cloud Network Security
Drag and Drop Question What is the order of steps to create a custom network policy? (Drag the steps into the correct order of occurrence, from the first step to the last.) Answer:
Network Policy ConfigurationPrisma Cloud PolicySecurity Policy ManagementCloud Network Security - Question #37Cloud Native Security
Drag and Drop Question You wish to create a custom policy with build and run subtypes. Match the query types for each example. (Select your answer from the pull-down list. Answers...
Custom PoliciesShift-Left SecurityRuntime ProtectionPolicy Query Language - Question #38Prisma Cloud Platform
Drag and Drop Question Match the service on the right that evaluates each exposure type on the left. (Select your answer from the pull-down list. Answers may be used more than once...
Prisma Cloud ComponentsCloud Security FunctionsExposure TypesService Mapping - Question #39Prisma Cloud Platform
Drag and Drop Question An administrator has been tasked with creating a custom service that will download any existing compliance report from a Prisma Cloud Enterprise. tenant-In w...
Prisma Cloud APIsCompliance ReportingAPI WorkflowPlatform Automation - Question #40Prisma Cloud Platform
Drag and Drop Question Match the correct scanning mode for each given operation. (Select your answer from the pull-down list. Answers may be used more than once or not at all.) Ans...
Prisma Cloud ScanningScanning ModesCSPMCWPP - Question #41Cloud Native Security
Drag and Drop Question What is the order of steps in a Jenkins pipeline scan? (Drag the steps into the correct order of occurrence, from the first step to the last.) Answer:
JenkinsCI/CD SecurityPipeline ScanningDevSecOps - Question #42Cloud Infrastructure Entitlement Management (CIEM)
Drag and Drop Question An administrator needs to write a script that automatically deactivates access keys that have not been used for 30 days In which order should the API calls b...
Access Key ManagementAPI AutomationIdentity and Access Management (IAM)Security Automation - Question #43Data Security
Drag and Drop Question Order the steps involved in onboarding an AWS Account for use with Data Security feature. Answer:
AWS account onboardingData SecurityPrisma Cloud integration - Question #44Cloud Native Security
An organization that uses a private cloud in a black site that has no internet connection can use which product?
Private Cloud SecurityAir-gapped SecurityPrisma Cloud ComputeOn-premises Deployment - Question #45Cloud Infrastructure Entitlement Management (CIEM)
You type this query: event where user = 'root'. Where would the events you see originate?
AWSCloud SecurityIdentity and Access ManagementEvent Monitoring - Question #46Prisma Cloud Platform
Can Defender upgrades be restricted to a specific window of time?
Prisma Cloud DefendersUpgrade ManagementAuto-upgrade ControlMaintenance Windows - Question #47Prisma Cloud Platform
Which two statements are true about the differences between build and run config policies? (Choose two.)
Cloud Security PoliciesBuild-time SecurityRun-time SecurityIaC Security - Question #48Prisma Cloud Platform
Which component(s), if any will Palo Alto Networks host and run when a customer purchases Prisma Cloud Enterprise Edition?
Prisma Cloud ArchitectureSaaSDeployment ModelConsole - Question #49Container Security
Which type of compliance check is available for rules under Defend > Compliance > Containers and Images > CI?
Prisma Cloud DefendContainer Image SecurityCompliance Checks - Question #50Serverless Security
A customer wants to scan a serverless function as part of a build process. Which twistcli command can be used to scan serverless functions?
twistcliserverless functionsvulnerability scanningbuild process security