PCCSE · Question #1
A security team has a requirement to ensure the environment is scanned for vulnerabilities. What are three options for configuring vulnerability policies? (Choose three.)
The correct answer is C. output verbosity for blocked requests D. apply policy only when vendor fix is available E. individual grace periods for each severity level. Prisma Cloud vulnerability policies support three relevant configuration options here: (C) output verbosity for blocked requests controls how much detail is logged/reported when a request is blocked; (D) apply policy only when vendor fix is available reduces noise by only alertin
Question
A security team has a requirement to ensure the environment is scanned for vulnerabilities. What are three options for configuring vulnerability policies? (Choose three.)
Options
- Acustomize message on blocked requests
- Bindividual actions based on package type
- Coutput verbosity for blocked requests
- Dapply policy only when vendor fix is available
- Eindividual grace periods for each severity level
How the community answered
(25 responses)- A4% (1)
- C96% (24)
Explanation
Prisma Cloud vulnerability policies support three relevant configuration options here: (C) output verbosity for blocked requests controls how much detail is logged/reported when a request is blocked; (D) apply policy only when vendor fix is available reduces noise by only alerting when a patch exists, making alerts actionable; and (E) individual grace periods for each severity level lets teams set different remediation windows depending on how critical a vulnerability is (e.g., Critical gets 7 days, Low gets 30 days). Options A (customize message on blocked requests) and B (individual actions based on package type) are not standard vulnerability policy configuration options in Prisma Cloud.
Topics
Community Discussion
No community discussion yet for this question.