CompTIA
Checkpoint
ISC
HP
Dell
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
Certiport
ISC2
All Vendors
  2. Home
  3. Exams
  4. Palo Alto Networks
  5. PCCSE

Free PCCSE Exam Braindumps (page: 15)

Page 14 of 63
PDF with 260 Questions

You have onboarded a public cloud account into Prisma Cloud Enterprise. Configuration Resource ingestion is visible in the Asset Inventory for the onboarded account, but no alerts are being generated for the configuration assets in the account.

Config policies are enabled in the Prisma Cloud Enterprise tenant, with those policies associated to existing alert rules. ROL statements on the investigate matching those policies return config resource results successfully.

Why are no alerts being generated?

  1. The public cloud account is not associated with an alert notification.
  2. The public cloud account does not have audit trail ingestion enabled.
  3. The public cloud account does not access to configuration resources.
  4. The public cloud account is not associated with an alert rule.

Answer(s): D

Explanation:

In Prisma Cloud Enterprise, for alerts to be generated for configuration assets in an onboarded public cloud account, it is essential that the account is associated with an alert rule that matches the enabled config policies. If the account is not linked to an alert rule or if the existing alert rules do not match the config policies, no alerts will be generated even though configuration resource ingestion is visible, and RQL statements return config resource results. This requirement emphasizes the need for a well-structured alerting mechanism to ensure that security incidents are promptly identified and addressed.



The security team wants to target a CNAF policy for specific running Containers. How should the administrator scope the policy to target the Containers?

  1. scope the policy to Image names.
  2. scope the policy to namespaces.
  3. scope the policy to Defender names.
  4. scope the policy to Host names.

Answer(s): A

Explanation:

To specifically target running containers with a Cloud Native Application Framework (CNAF) policy in Prisma Cloud, the administrator should scope the policy to Image names. By doing so, the policy will apply to containers based on the images they were created from, allowing for precise targeting of security policies to specific containers. This approach is part of Prisma Cloud's capabilities to provide granular security controls for containerized environments, ensuring that policies are effectively applied to the relevant containers.



The InfoSec team wants to be notified via email each time a Security Group is misconfigured.
Which Prisma Cloud tab should you choose to complete this request?

  1. Notifications
  2. Policies
  3. Alert Rules
  4. Events

Answer(s): C

Explanation:

In Prisma Cloud, to notify the InfoSec team via email about misconfigured Security Groups, the appropriate tab to use is "Alert Rules." Alert rules in Prisma Cloud define the conditions under which alerts are generated and the notification channels, including email, where these alerts are sent. By configuring alert rules related to Security Group misconfigurations, the platform can automatically notify the team when such an event occurs, ensuring prompt awareness and response to potential security issues.



An administrator has access to a Prisma Cloud Enterprise.

What are the steps to deploy a single container Defender on an ec2 node?

  1. Pull the Defender image to the ec2 node, copy and execute the curl | bash script, and start the Defender to ensure it is running.
  2. Execute the curl | bash script on the ec2 node.
  3. Configure the cloud credential in the console and allow cloud discovery to auto-protect the ec2 node.
  4. Generate DaemonSet file and apply DaemonSet to the twistlock namespace.

Answer(s): A

Explanation:

To deploy a single container Defender on an EC2 node in Prisma Cloud Enterprise, the correct steps involve pulling the Defender image to the EC2 node, executing the provided curl | bash script to install the Defender, and then starting the Defender to ensure it is actively running. This process allows the Defender to integrate with the Prisma Cloud platform and provide real-time monitoring and protection for the EC2 instance it is deployed on, aligning with Prisma Cloud's approach to extending security coverage to individual cloud resources.


Reference:

https://docs.twistlock.com/docs/compute_edition/install/install_kubernetes.html






Post your Comments and Discuss Palo Alto Networks PCCSE exam with other Community members:

PCCSE Discussions & Posts