PCCSE Practice Questions
258 real PCCSE exam questions with expert-verified answers and explanations. Page 3 of 6.
- Question #101Prisma Cloud Platform
An administrator needs to detect and alert on any activities performed by a root account. Which policy type should be used?
Audit PoliciesRoot Account MonitoringActivity DetectionCloud Security Monitoring - Question #102Cloud Compliance and Governance
One of the resources on the network has triggered an alert for a Default Config policy. Given the following resource JSON snippet: Which RQL detected the vulnerability? A. B. C. D.
Prisma Cloud RQLConfiguration ManagementPolicy EnforcementMisconfiguration Detection - Question #103Cloud Compliance and Governance
A customer has multiple violations in the environment including: - User namespace is enabled - An LDAP server is enabled - SSH root is enabled Which section of Console should the a...
Prisma Cloud ConsoleCompliance ManagementSecurity ViolationsConfiguration Auditing - Question #104Serverless Security
A customer has serverless functions that are deployed in multiple clouds. Which serverless cloud provider is covered be "overly permissive service access" compliance check?
Serverless SecurityCompliance ChecksCloud Security Posture ManagementIdentity and Access Management - Question #105Container Security
How should the administrator configure Prisma Cloud Compute to satisfy this requirement? Container policy and set the policy effect to alert. the effect to block. set the effect to...
Prisma Cloud ComputeContainer SecuritySecurity PolicyPolicy Enforcement - Question #106Container Security
Which API calls can scan an image named myimage: latest with twistcli and then retrieve the results from Console?
Prisma CloudtwistcliContainer Image ScanVulnerability Management - Question #107Cloud Compliance and Governance
Given the following RQL: event from cloud.audit_logs where operation IN (`CreateCryptoKey', `DestroyCryptoKeyVersion', `v1.compute.disks.createSnapshot') Which audit event snippet...
RQLCloud Audit LogsKey ManagementCloud Infrastructure Monitoring - Question #108Prisma Cloud Platform
Which two of the following are required to be entered on the IdP side when setting up SSO in Prisma Cloud? (Choose two.)
SSO ConfigurationSAMLIdentity Provider (IdP)Prisma Cloud Authentication - Question #109Container Security
An administrator sees that a runtime audit has been generated for a container. The audit message is: "/bin/ls launched and is explicitly blocked in the runtime rule. Full command:...
Container runtime protectionProcess blockingPCCSECloud native security - Question #110Data Security
Which data security default policy is able to scan for vulnerabilities?
Data Security PoliciesMalware ProtectionPalo Alto Networks Security ProfilesThreat Prevention - Question #111Cloud Compliance and Governance
Given the following audit event activity snippet: Which RQL will be triggered by the audit event? A. B. C. D.
RQLAudit EventsPrisma CloudSecurity Monitoring - Question #112Prisma Cloud Platform
Which three fields are mandatory when authenticating the Prisma Cloud plugin in the IntelliJ application? (Choose three.)
Prisma CloudIntelliJ IntegrationAuthenticationAPI Configuration - Question #113Prisma Cloud Platform
Which of the following are correct statements regarding the use of access keys? (Choose two.)
Access KeysAPI SecurityPrisma Cloud AdministrationAuthentication - Question #114Security Operations and Incident Response
Given the following RQL: Which audit event snippet is identified by the RQL? A. B. C. D.
RQLAudit EventsPrisma CloudSecurity Operations - Question #115Application Security
The development team is building pods to host a web front end, and they want to protect these pods with an application firewall. Which type of policy should be created to protect t...
WAASApplication FirewallContainer SecurityLayer 7 Protection - Question #116Cloud Compliance and Governance
A manager informs the SOC that one or more RDS instances have been compromised and the SOC needs to make sure production RDS instances are NOT publicly accessible. Which action sho...
AWS RDS SecurityCloud Security Posture ManagementAuto-remediationPublic Accessibility - Question #117Application Security
An administrator wants to enforce a rate limit for users not being able to post five (5) .tar.gz files within five (5) seconds. What does the administrator need to configure?
WAASDoS ProtectionRate LimitingFile Extension Filtering - Question #118Security Operations and Incident Response
What is an automatically correlated set of individual events generated by the firewall and runtime sensors to identify unfolding attacks?
Incident ManagementEvent CorrelationAttack DetectionSecurity Monitoring - Question #119Prisma Cloud Platform
A customer wants to monitor the company's AWS accounts via Prisma Cloud, but only needs the resource configuration to be monitored for now. Which two pieces of information do you n...
Prisma CloudAWS IntegrationConfiguration MonitoringOnboarding - Question #120Cloud Network Security
An administrator for Prisma Cloud needs to obtain a graphical view to monitor all connections, including connections across hosts and connections to any configured network objects....
Prisma Cloud Network SecurityCloud Native Network FirewallNetwork MonitoringTraffic Visualization - Question #121Prisma Cloud Platform
Which two fields are required to configure SSO in Prisma Cloud? (Choose two.)
SSO ConfigurationSAMLPrisma Cloud AdministrationIdentity and Access Management - Question #122Application Security
Which two IDE plugins are supported by Prisma Cloud as part of its DevOps Security? (Choose two.)
DevOps SecurityPrisma Cloud IntegrationsShift-Left SecurityApplication Security - Question #123Prisma Cloud Platform
Which two CI/CD plugins are supported by Prisma Cloud as part of its DevOps Security? (Choose two.).
DevOps SecurityCI/CD IntegrationsPrisma Cloud Platform - Question #124Cloud Compliance and Governance
Given the following JSON query: $.resource[*].aws_s3_bucket exists Which tab is the correct place to add the JSON query when creating a Config policy?
Prisma Cloud PoliciesConfig PoliciesRQLPrisma Cloud UI - Question #125Prisma Cloud Platform
Which two attributes of policies can be fetched using API? (Choose two.)
Prisma Cloud APIPolicy ManagementAPI Attributes - Question #126Container Security
Which two options may be used to upgrade the Defenders with a Console v20.04 and Kubernetes deployment? (Choose two.)
Prisma Cloud DefenderKubernetes deploymentDefender upgradeDaemonSet - Question #127Serverless Security
A customer has a requirement to scan serverless functions for vulnerabilities. What is the correct option to configure scanning?
Serverless SecurityVulnerability ManagementPrisma Cloud DefendFunction Scanning - Question #128Prisma Cloud Platform
An administrator has been tasked with a requirement by your DevSecOps team to write a script to continuously query programmatically the existing users, and the user's associated pe...
API DocumentationPrisma Cloud PlatformProgrammatic AccessUser Permissions - Question #129Container Security
When would a policy apply if the policy is set under Defend > Vulnerability > Images > Deployed?
Prisma Cloud PoliciesContainer Runtime SecurityImage Vulnerability ManagementPolicy Enforcement Points - Question #130Prisma Cloud Platform
Which two required request headers interface with Prisma Cloud API? (Choose two.)
Prisma Cloud APIAPI headersAuthenticationContent-type - Question #131Security Operations and Incident Response
An administrator has a requirement to ingest all Console and Defender logs to Splunk. Which option will satisfy this requirement in Prisma Cloud Compute?
Prisma Cloud ComputeLog ManagementSIEM IntegrationSyslog - Question #132Cloud Compliance and Governance
The security team wants to enable the "block" option under compliance checks on the host. What effect will this option have if it violates the compliance check?
Compliance ChecksHost SecurityEnforcement PolicyContainer Security - Question #133Container Security
During an initial deployment of Prisma Cloud Compute, the customer sees vulnerabilities in their environment. Which statement correctly describes the default vulnerability policy?
Prisma Cloud ComputeVulnerability managementDefault policyContainer security - Question #134Container Security
Console is running in a Kubernetes cluster, and you need to deploy Defenders on nodes within this cluster. Which option shows the steps to deploy the Defenders in Kubernetes using...
Prisma Cloud Defender DeploymentKubernetes Service DiscoveryContainer Security DeploymentPCCSE Operational Knowledge - Question #135Application Security
Drag and Drop Question Put the steps involved to configure and scan using the IntelliJ plugin in the correct order. Answer:
IDE integrationApplication Security ToolsVulnerability ScanningPrisma Cloud - Question #136Serverless Security
Drag and Drop Question Move the steps to the correct order to set up and execute a serverless scan using AWS DevOps. Answer:
Serverless SecurityAWS DevOpsVulnerability ScanningPrisma Cloud - Question #137Prisma Cloud Platform
Which two attributes are required for a custom config RQL? (Choose two.)
Prisma CloudRQLCustom PoliciesConfiguration Management - Question #138Prisma Cloud Platform
Which type of query is used for scanning Infrastructure as Code (laC) templates?
Infrastructure as CodeIaC ScanningJSON Data Format - Question #139Prisma Cloud Platform
Which RQL query type is invalid?
RQLPrisma Cloud Query LanguagePrisma Cloud PlatformQuery Types - Question #140Prisma Cloud Platform
On which cloud service providers can you receive new API release information for Prisma Cloud?
Prisma CloudCloud Service ProvidersAPI release informationMulti-cloud support - Question #141Application Security
Web-Application and API Security (WAAS) provides protection for which two protocols? (Choose two.)
WAASApplication SecurityHTTPTLS - Question #142Prisma Cloud Platform
What is the most reliable and extensive source for documentation on Prisma Cloud APIs?
Prisma Cloud APIsAPI DocumentationDeveloper ResourcesPlatform Integration - Question #143Prisma Cloud Platform
How often do Defenders share logs with Console?
Prisma Cloud DefendersLog CollectionDefender-Console Communication - Question #144Container Security
In Prisma Cloud Software Release 22.06 (Kepler), which Registry type is added?
Prisma Cloud FeaturesRegistry IntegrationGoogle Artifact RegistryProduct Updates - Question #145Cloud Native Security
Which three elements are part of SSH Events in Host Observations? (Choose three.)
SSH EventsHost ObservationsWorkload SecurityEvent Monitoring - Question #146Cloud Infrastructure Entitlement Management (CIEM)
Which two variables must be modified to achieve automatic remediation for identity and access management (IAM) alerts in the Amazon Web Services (AWS) Cloud? (Choose two.)
Automatic RemediationIAM SecurityAWS IntegrationPrisma Cloud - Question #147Cloud Infrastructure Entitlement Management (CIEM)
Which three actions are required in order to use the automated method within Azure Cloud to streamline the process of using remediation in the identity and access management (IAM)...
Automated RemediationAzure Identity & Access ManagementCloud Security AutomationPrisma Cloud Integration - Question #148Prisma Cloud Platform
Which two roles have access to view the Prisma Cloud policies? (Choose two.)
Prisma Cloud RolesRBACPolicy ManagementUser Permissions - Question #149Prisma Cloud Platform
An administrator has added a Cloud account on Prisma Cloud and then deleted it. What will happen if the deleted account is added back on Prisma Cloud within a 24-hour period?
Prisma CloudAlert ManagementCloud Account LifecyclePlatform Behavior - Question #150Container Security
In which two ways can Prisma Cloud images be retrieved in Prisma Cloud Compute Self-Hosted Edition? (Choose two.)
Prisma Cloud ComputeImage RetrievalContainer ImagesRegistry Authentication