nerdexam
Palo_Alto_Networks

PCCSE · Question #39

Drag and Drop Question An administrator has been tasked with creating a custom service that will download any existing compliance report from a Prisma Cloud Enterprise. tenant-In which order will the

The correct answer is GET https://api.prismacloud.io/report; GET https://api.prismacloud.io/report/id/download; POST https://api.prismacloud.io/login. To download an existing compliance report from Prisma Cloud, the correct API execution order is to first authenticate, then list reports to identify the desired one, and finally initiate the download.

Prisma Cloud Platform

Question

Drag and Drop Question An administrator has been tasked with creating a custom service that will download any existing compliance report from a Prisma Cloud Enterprise. tenant-In which order will the APIs be executed for this service? (Drag the steps into the correct order of occurrence from the first step to the last) Answer:

Exhibit

PCCSE question #39 exhibit

Answer Area

Drag items

POST https://api.prismacloud.io/loginGET https://api.prismacloud.io/reportGET https://api.prismacloud.io/report/id/download

Correct arrangement

Explanation

To download an existing compliance report from Prisma Cloud, the correct API execution order is to first authenticate, then list reports to identify the desired one, and finally initiate the download.

Approach. The correct interaction is to drag the API calls into the 'Ordered Options' column in the following sequence:

  1. First step: POST https://api.prismacloud.io/login - This is the standard first step for any secure API interaction. Before accessing any resources or performing actions on a platform like Prisma Cloud, a client must authenticate to obtain an authorization token or session. This POST request to the /login endpoint handles that authentication process.

  2. Second step: GET https://api.prismacloud.io/report - Once authenticated, the next logical step to download an existing report is to first identify which report needs to be downloaded. This GET request to the /report endpoint would typically return a list of available compliance reports, including their metadata and unique identifiers (IDs). This allows the service to parse the response and select the specific report for download.

  3. Third step: GET https://api.prismacloud.io/report/id/download - After identifying the specific report by its ID (obtained from the previous GET /report call), this GET request is used to initiate the download of that particular report. The /id/download suffix clearly indicates its purpose is to retrieve the report's content for a given ID.

Therefore, the correct drag-and-drop order from top to bottom in the 'Ordered Options' column should be: 'POST https://api.prismacloud.io/login', 'GET https://api.prismacloud.io/report', 'GET https://api.prismacloud.io/report/id/download'.

Common mistakes.

  • common_mistake. A common mistake is failing to prioritize the authentication step or incorrectly ordering the resource retrieval and specific action steps. For example, if a test-taker places 'GET https://api.prismacloud.io/report' first, it would be incorrect because API access typically requires authentication (login) before any resource can be queried or retrieved. Similarly, attempting to 'GET https://api.prismacloud.io/report/id/download' before 'GET https://api.prismacloud.io/report' is also incorrect because you wouldn't know the specific 'id' of the report to download without first listing or querying for available reports. Another mistake would be putting 'POST https://api.prismacloud.io/login' at the end, as operations cannot succeed without prior authentication.

Concept tested. API authentication workflow, RESTful API design principles, sequential API call execution, and understanding common patterns for retrieving and downloading resources using APIs.

Topics

#Prisma Cloud APIs#Compliance Reporting#API Workflow#Platform Automation

Community Discussion

No community discussion yet for this question.

Full PCCSE Practice