nerdexam
Palo_Alto_Networks

PCCSE · Question #136

Drag and Drop Question Move the steps to the correct order to set up and execute a serverless scan using AWS DevOps. Answer:

The correct answer is Download Prisma Cloud Lambda function executable; Create Lambda function with settings; Create a pipeline with settings; Execute Pipeline. The correct order for setting up and executing a serverless scan involves obtaining the scan executable, deploying it as an AWS Lambda function, integrating it into a CI/CD pipeline, and then executing the pipeline to initiate the scan.

Serverless Security

Question

Drag and Drop Question Move the steps to the correct order to set up and execute a serverless scan using AWS DevOps. Answer:

Exhibit

PCCSE question #136 exhibit

Answer Area

Drag items

Execute PipelineCreate Lambda function with settingsDownload Prisma Cloud Lambda function executableCreate a pipeline with settings

Correct arrangement

  • Download Prisma Cloud Lambda function executable
  • Create Lambda function with settings
  • Create a pipeline with settings
  • Execute Pipeline

Explanation

The correct order for setting up and executing a serverless scan involves obtaining the scan executable, deploying it as an AWS Lambda function, integrating it into a CI/CD pipeline, and then executing the pipeline to initiate the scan.

Approach. The interaction requires dragging the steps from the left panel to the numbered drop zones on the right in the correct logical sequence. The correct order is based on the typical workflow for deploying and automating a serverless application or security tool within an AWS DevOps environment:

  1. Download Prisma Cloud Lambda function executable (First): This is the prerequisite step. Before you can create a Lambda function for a specific task, you must first obtain the necessary code or executable that the function will run. The 'Prisma Cloud Lambda function executable' is the scanning logic itself.
  2. Create Lambda function with settings (Second): Once the executable is downloaded, the next logical step is to deploy it as an AWS Lambda function. This involves configuring the Lambda function (e.g., runtime, memory, triggers, IAM roles) and associating it with the downloaded executable code, making the serverless scanner operational.
  3. Create a pipeline with settings (Third): To automate the execution of this serverless scan as part of a Continuous Integration/Continuous Delivery (CI/CD) process, a pipeline (e.g., using AWS CodePipeline) must be set up. This pipeline will define the workflow stages and actions, including how and when the Lambda function should be invoked.
  4. Execute Pipeline (Fourth): After all the components are prepared and configured - the scan executable downloaded, the Lambda function created, and the automation pipeline defined - the final step to perform the actual serverless scan is to execute the pipeline. This triggers the entire automated workflow, including the invocation of the Lambda function for scanning.

Common mistakes.

  • common_mistake. Common mistakes typically involve misordering the dependencies of these steps. For example:
  • Executing the pipeline first or before it's created: A pipeline cannot be executed if it hasn't been defined and configured, and it certainly can't perform a scan if the Lambda function it's supposed to invoke doesn't exist or isn't properly configured.
  • Creating a pipeline before the Lambda function or its executable is ready: While an empty pipeline can be created, setting up a pipeline 'with settings' to perform a specific scan implies that the target Lambda function and its underlying executable should be available or at least well-defined. Attempting to integrate something that doesn't yet exist would lead to configuration errors.
  • Creating the Lambda function before downloading the executable: A Lambda function needs code to execute. You cannot create a functional Lambda scanning function without first having the 'Prisma Cloud Lambda function executable' to deploy to it. Each step builds upon the previous one in a logical and sequential manner; deviations lead to an incomplete or non-functional setup.

Concept tested. The core concept tested is the understanding of the end-to-end process for deploying and integrating a serverless security scanning solution (specifically using a 'Prisma Cloud Lambda function') within an AWS DevOps or CI/CD pipeline. This encompasses knowledge of AWS Lambda function deployment, serverless architecture, CI/CD pipeline orchestration, and the logical prerequisites for automating security scanning in a cloud-native environment.

Topics

#Serverless Security#AWS DevOps#Vulnerability Scanning#Prisma Cloud

Community Discussion

No community discussion yet for this question.

Full PCCSE Practice