Cisco®
CompTIA
Checkpoint
ISC
EC-Council
EXIN
Fortinet
ITIL®
Juniper
PMI
Microsoft
VMware
Avaya
Google
Salesforce
Amazon
Palo Alto Networks
ISC2
Splunk®
Scrum
All Vendors
  2. Home
  3. Exams
  4. Palo Alto Networks
  5. PCCSE

Free PCCSE Exam Braindumps (page: 5)

Page 5 of 63
PDF with 260 Questions

An administrator has deployed Console into a Kubernetes cluster running in AWS. The administrator also has configured a load balancer in TCP passthrough mode to listen on the same ports as the default Prisma Compute Console configuration.

In the build pipeline, the administrator wants twistcli to talk to Console over HTTPS.
Which port will twistcli need to use to access the Prisma Compute APIs?

  1. 8084
  2. 443
  3. 8083
  4. 8081

Answer(s): A

Explanation:

When the administrator wants twistcli to communicate with the Console over HTTPS in a Kubernetes cluster, and considering the load balancer is configured in TCP passthrough mode, A. 8084 is typically the port used for secure HTTPS communication with the Prisma Compute Console. This port will allow twistcli to access the Prisma Compute APIs securely.

https://docs.prismacloudcompute.com/docs/compute_edition_21_04/tools/twistcli.html#connectivi ty-to-console



A customer is reviewing Container audits, and an audit has identified a cryptominer attack.
Which three options could have generated this audit? (Choose three.)

  1. The value of the mined currency exceeds $100.
  2. High CPU usage over time for the container is detected.
  3. Common cryptominer process name was found.
  4. The mined currency is associated with a user token.
  5. Common cryptominer port usage was found.

Answer(s): B,C,E

Explanation:

In the case of identifying a cryptominer attack through container audits, the options that could have generated this audit include B. High CPU usage over time for the container is detected, which is a common indicator of cryptomining activity as it consumes significant computational resources, C. Common cryptominer process name was found, which directly indicates the presence of cryptomining based on known malicious processes, and E. Common cryptominer port usage was found, suggesting cryptomining activity based on network behavior typical of such attacks.



Which step is included when configuring Kubernetes to use Prisma Cloud Compute as an admission controller?

  1. copy the Console address and set the config map for the default namespace.
  2. create a new namespace in Kubernetes called admission-controller.
  3. enable Kubernetes auditing from the Defend > Access > Kubernetes page in the Console.
  4. copy the admission controller configuration from the Console and apply it to Kubernetes.

Answer(s): D

Explanation:

When configuring Kubernetes to use Prisma Cloud Compute as an admission controller, a crucial step involves D. copy the admission controller configuration from the Console and apply it to Kubernetes. This step is essential for integrating Prisma Cloud Compute's security controls directly into the Kubernetes admission process, enabling real-time security assessments and policy enforcement for new or modified resources within the cluster.
https://docs.paloaltonetworks.com/prisma/prisma-cloud/20-04/prisma-cloud-compute-edition- admin/access_control/open_policy_agent.html step 2



A Prisma Cloud administrator is onboarding a single GCP project to Prisma Cloud.
Which two steps can be performed by the Terraform script? (Choose two.)

  1. enable flow logs for Prisma Cloud.
  2. create the Prisma Cloud role.
  3. enable the required APIs for Prisma Cloud.
  4. publish the flow log to a storage bucket.

Answer(s): B,C

Explanation:

When a Prisma Cloud administrator is onboarding a single GCP project to Prisma Cloud, the Terraform script can perform several steps to facilitate this integration. The steps include B. create the Prisma Cloud role, which is essential for defining the permissions and capabilities that Prisma Cloud will have within the GCP environment, and C. enable the required APIs for Prisma Cloud, ensuring that Prisma Cloud can access the necessary GCP services and features for comprehensive cloud security management.






Post your Comments and Discuss Palo Alto Networks PCCSE exam with other Community members: