nerdexam
Palo_Alto_Networks

PCCSE · Question #227

Which three options for hardening a customer environment against misconfiguration are included in Prisma Cloud Compute compliance enforcement for hosts? (Choose three.)

The correct answer is B. Docker daemon configuration D. Host configuration E. Hosts without Defender agents. Prisma Cloud Compute's compliance enforcement for hosts targets three specific areas: (B) Docker daemon configuration - it checks how the Docker engine itself is configured on the host against CIS benchmarks and best practices; (D) Host configuration - it audits OS-level settings

Cloud Compliance and Governance

Question

Which three options for hardening a customer environment against misconfiguration are included in Prisma Cloud Compute compliance enforcement for hosts? (Choose three.)

Options

  • AServerless functions
  • BDocker daemon configuration
  • CCloud provider tags
  • DHost configuration
  • EHosts without Defender agents

How the community answered

(27 responses)
  • A
    4% (1)
  • B
    96% (26)

Explanation

Prisma Cloud Compute's compliance enforcement for hosts targets three specific areas: (B) Docker daemon configuration - it checks how the Docker engine itself is configured on the host against CIS benchmarks and best practices; (D) Host configuration - it audits OS-level settings, file permissions, and system configurations directly on the host; and (E) Hosts without Defender agents - Prisma Cloud flags unprotected hosts (those lacking an installed Defender agent) as a compliance gap, since unmonitored hosts represent a blind spot and misconfiguration risk. Option A (Serverless functions) is a separate compute category with its own compliance checks, and Option C (Cloud provider tags) are metadata labels used for organization, not host hardening enforcement.

Topics

#Prisma Cloud Compute#Host Security#Compliance Enforcement#Misconfiguration Prevention

Community Discussion

No community discussion yet for this question.

Full PCCSE Practice