PCCSE · Question #151
Which action would be applicable after enabling anomalous compute provisioning?
The correct answer is D. It detects potential creation of an unauthorized network of compute instances either accidentally. The 'Anomalous Compute Provisioning' detection feature in Prisma Cloud is designed to identify the potential accidental or malicious creation of an unauthorized network of compute instances (e.g., crypto-mining botnets or unauthorized infrastructure). It uses machine learning to
Question
Which action would be applicable after enabling anomalous compute provisioning?
Options
- AIt detects the activity caused by the spambot.
- BIt detects unusual server port activity or unusual protocol activity from a client within or outside the
- CIt detects potential creation of an unauthorized network of compute instances with AutoFocus.
- DIt detects potential creation of an unauthorized network of compute instances either accidentally
How the community answered
(26 responses)- A4% (1)
- C4% (1)
- D92% (24)
Explanation
The 'Anomalous Compute Provisioning' detection feature in Prisma Cloud is designed to identify the potential accidental or malicious creation of an unauthorized network of compute instances (e.g., crypto-mining botnets or unauthorized infrastructure). It uses machine learning to baseline normal provisioning behavior and flags deviations. It does not focus on spambots, unusual port/protocol activity (which falls under network anomaly detection), or AutoFocus threat intelligence correlation.
Topics
Community Discussion
No community discussion yet for this question.