This page was exported from Best Free Exam Guide [ http://free.exams4sures.com ]

Export date:Sat Mar 15 4:13:32 2025 / +0000 GMT

___________________________________________________


Title: Palo Alto Networks PCCSE Dumps Questions [2022] Pass for PCCSE Exam [Q39-Q61]

---------------------------------------------------


 Palo Alto Networks PCCSE Dumps Questions [2022] Pass for PCCSE Exam
Updated Palo Alto Networks Study Guide PCCSE Dumps Questions


Q39. An administrator has a requirement to ingest all Console and Defender logs to Splunk.Which option will satisfy this requirement in Prisma Cloud Compute?
&nbsp;Enable the API settings for logging.
&nbsp;Enable the CSV export in the Console.
&nbsp;Enable the syslog option in the Console
&nbsp;Enable the Splunk option in the Console.
Q40. A security team has a requirement to ensure the environment is scanned for vulnerabilities. What are three options for configuring vulnerability policies? (Choose three.)
&nbsp;individual actions based on package type
&nbsp;output verbosity for blocked requests
&nbsp;apply policy only when vendor fix is available
&nbsp;individual grace periods for each severity level
&nbsp;customize message on blocked requests
Q41. You wish to create a custom policy with build and run subtypes. Match the query types for each example.(Select your answer from the pull-down list. Answers may be used more than once or not at all.)
Reference:https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-policies/create-a- policy.htmlQ42. A customer has a requirement to terminate any Container from image topSecret:latest when a process named ransomWare is executed.How should the administrator configure Prisma Cloud Compute to satisfy this requirement?
&nbsp;set the Container model to manual relearn and set the default runtime rule to block for process protection.
&nbsp;set the Container model to relearn and set the default runtime rule to prevent for process protection.
&nbsp;add a new runtime policy targeted at a specific Container name, add ransomWare process into the denied process list, and set the action to &#8220;prevent&#8221;.
&nbsp;choose &#8220;copy into rule&#8221; for the Container, add a ransomWare process into the denied process list, and set the action to &#8220;block&#8221;.
Q43. A customer has a requirement to restrict any container from resolving the name www.evil-url.com.How should the administrator configure Prisma Cloud Compute to satisfy this requirement?
&nbsp;Choose &#8220;copy into rule&#8221; for any Container, set www.evil-url.com as a blocklisted DNS name in the Container policy and set the policy effect to alert.
&nbsp;Set www.evil-url.com as a blocklisted DNS name in the default Container runtime policy, and set the effect to block.
&nbsp;Choose &#8220;copy into rule&#8221; for any Container, set www.evil-url.com as a blocklisted DNS name, and set the effect to prevent.
&nbsp;Set www.evil-url.com as a blocklisted DNS name in the default Container policy and set the effect to prevent.
Q44. Which two attributes of policies can be fetched using API? (Choose two.)
&nbsp;policy label
&nbsp;policy signature
&nbsp;policy mode
&nbsp;policy violation
Q45. Order the steps involved in onboarding an AWS Account for use with Data Security feature.
Q46. A security team has a requirement to ensure the environment is scanned for vulnerabilities. What are three options for configuring vulnerability policies? (Choose three.)
&nbsp;customize message on blocked requests
&nbsp;individual actions based on package type
&nbsp;output verbosity for blocked requests
&nbsp;apply policy only when vendor fix is available
&nbsp;individual grace periods for each severity level
Q47. Which method should be used to authenticate to Prisma Cloud Enterprise programmatically?
&nbsp;single sign-on
&nbsp;SAML
&nbsp;basic authentication
&nbsp;access key
Q48. Which statement accurately characterizes SSO Integration on Prisma Cloud?
&nbsp;Prisma Cloud supports IdP initiated SSO, and its SAML endpoint supports the POST and GET methods.
&nbsp;Okta, Azure Active Directory, PingID, and others are supported via SAML.
&nbsp;An administrator can configure different Identity Providers (IdP) for all the cloud accounts that Prisma Cloud monitors.
&nbsp;An administrator who needs to access the Prisma Cloud API can use SSO after configuration.
Q49. Which options show the steps required to upgrade Console when using projects?
&nbsp;Upgrade all Supervisor Consoles Upgrade Central Console
&nbsp;Upgrade Central ConsoleUpgrade Central Console Defenders
&nbsp;Upgrade Defender Upgrade Central ConsoleUpgrade Supervisor Consoles
&nbsp;Upgrade Central Console Upgrade all Supervisor Consoles
Q50. Which order of steps map a policy to a custom compliance standard?(Drag the steps into the correct order of occurrence, from the first step to the last.)
Q51. Which three types of classifications are available in the Data Security module? (Choose three. )
&nbsp;Malicious IP
&nbsp;Compliance standard
&nbsp;Financial information
&nbsp;Malware
&nbsp;Personally identifiable information
Q52. Which three types of classifications are available in the Data Security module? (Choose three.)
&nbsp;Compliance standard
&nbsp;Financial information
&nbsp;Malware
&nbsp;Malicious IP
&nbsp;Personally identifiable information
Q53. Which intensity setting for anomaly alerts is used for the measurement of 100 events over 30 days?
&nbsp;High
&nbsp;Medium
&nbsp;Low
&nbsp;Very High
Q54. A customer is interested in PCI requirements and needs to ensure that no privilege containers can start in the environment.Which action needs to be set for &#8220;do not use privileged containers&#8221;?
&nbsp;Prevent
&nbsp;Alert
&nbsp;Block
&nbsp;Fail
Q55. Which order of steps map a policy to a custom compliance standard?(Drag the steps into the correct order of occurrence, from the first step to the last.)
Explanation1. click on compliance standard.2. add custom compliance standard.3. edit policies.4. add compliance standard from drop-down menuhttps://docs.prismacloudcompute.com/docs/enterprise_edition/compliance/custom_compliance_checks.html#creQ56. An administrator has deployed Console into a Kubernetes cluster running in AWS. The administrator also has configured a load balancer in TCP passthrough mode to listen on the same ports as the default Prisma Compute Console configuration.In the build pipeline, the administrator wants twistcli to talk to Console over HTTPS. Which port will twistcli need to use to access the Prisma Compute APIs?
&nbsp;8084
&nbsp;443
&nbsp;8083
&nbsp;8081
Explanationhttps://docs.prismacloudcompute.com/docs/compute_edition_21_04/tools/twistcli.html#connectivity-to-consoleQ57. The security team wants to protect a web application container from an SQLi attack? Which type of policy should the administrator create to protect the container?
&nbsp;Compliance
&nbsp;Runtime
&nbsp;CNAF
&nbsp;CNNF
Q58. The development team wants to fail CI jobs where a specific CVE is contained within the image. How should the development team configure the pipeline or policy to produce this outcome?
&nbsp;Set the specific CVE exception as an option in Jenkins or twistcli.
&nbsp;Set the specific CVE exception as an option in Defender running the scan.
&nbsp;Set the specific CVE exception as an option using the magic string in the Console.
&nbsp;Set the specific CVE exception in Console&#8217;s CI policy.
ExplanationReference tech docs:https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/continuous_integration/se Vulnerability rules that target the build tool can allow specific vulnerabilities by creating an exception and setting the effect to &#8216;ignore&#8217;. Block them by creating an exception and setting hte effect to &#8216;fail&#8217;. For example, you could create a vulnerability rule that explicitly allows CVE-2018-1234 to suppress warnings in the scan results.Q59. Which three Options are selectable in a CI policy for image scanning with Jenkins or twistcli? (Choose three.)
&nbsp;Scope &#8211; Scans run on a particular host
&nbsp;Grace Period
&nbsp;Failure threshold
&nbsp;Credential
&nbsp;Apply rule only when vendor fixes are available
Q60. An administrator wants to install the Defenders to a Kubernetes cluster. This cluster is running the console on the default service endpoint and will be exporting to YAML Console Address SCONSOLE_ADDRESS Websocket Address SWEBSOCKHT_ADDRESS User: SADMIN USER Which command generates the YAML file for Defender install?A)B)C)D)
&nbsp;Option A
&nbsp;Option B
&nbsp;Option C
&nbsp;Option D
Q61. What is the maximum number of access keys a user can generate in Prisma Cloud with a System Admin role?
&nbsp;1
&nbsp;2
&nbsp;3
&nbsp;4
&nbsp;Loading &#8230;


Achieve Success in Actual PCCSE Exam PCCSE Exam Dumps: https://www.exams4sures.com/Palo-Alto-Networks/PCCSE-practice-exam-dumps.html


---------------------------------------------------


Images: https://free.exams4sures.com/wp-content/plugins/watu/loading.gif
https://free.exams4sures.com/wp-content/plugins/watu/loading.gif


---------------------------------------------------


---------------------------------------------------


Post date: 2022-09-05 12:12:33

Post date GMT: 2022-09-05 12:12:33

Post modified date: 2022-09-05 12:12:33

Post modified date GMT: 2022-09-05 12:12:33