nerdexam
Palo_Alto_Networks

PCCSE · Question #151

Which action would be applicable after enabling anomalous compute provisioning?

The correct answer is D. It detects potential creation of an unauthorized network of compute instances either accidentally. The 'Anomalous Compute Provisioning' detection feature in Prisma Cloud is designed to identify the potential accidental or malicious creation of an unauthorized network of compute instances (e.g., crypto-mining botnets or unauthorized infrastructure). It uses machine learning to

Cloud Native Security

Question

Which action would be applicable after enabling anomalous compute provisioning?

Options

  • AIt detects the activity caused by the spambot.
  • BIt detects unusual server port activity or unusual protocol activity from a client within or outside the
  • CIt detects potential creation of an unauthorized network of compute instances with AutoFocus.
  • DIt detects potential creation of an unauthorized network of compute instances either accidentally

How the community answered

(26 responses)
  • A
    4% (1)
  • C
    4% (1)
  • D
    92% (24)

Explanation

The 'Anomalous Compute Provisioning' detection feature in Prisma Cloud is designed to identify the potential accidental or malicious creation of an unauthorized network of compute instances (e.g., crypto-mining botnets or unauthorized infrastructure). It uses machine learning to baseline normal provisioning behavior and flags deviations. It does not focus on spambots, unusual port/protocol activity (which falls under network anomaly detection), or AutoFocus threat intelligence correlation.

Topics

#Anomalous Provisioning#Cloud Resource Security#Threat Detection#Compute Instance

Community Discussion

No community discussion yet for this question.

Full PCCSE Practice