3 Months Free Update
3 Months Free Update
3 Months Free Update
An administrator has been tasked with creating a custom service that will download any existing compliance report from a Prisma Cloud Enterprise tenant.
In which order will the APIs be executed for this service?
(Drag the steps into the correct order of occurrence, from the first step to the last.)
You wish to create a custom policy with build and run subtypes. Match the query types for each example.
(Select your answer from the pull-down list. Answers may be used more than once or not at all.)
Which three fields are mandatory when authenticating the Prisma Cloud plugin in the IntelliJ application? (Choose three.)
Which alert deposition severity must be chosen to generate low and high severity alerts in the Anomaly settings when user wants to report on an unknown browser and OS, impossible time travel, or both due to account hijacking attempts?
What is an automatically correlated set of individual events generated by the firewall and runtime sensors to identify unfolding attacks?
Which Prisma Cloud policy type detects port scanning activities in a customer environment?
Which method should be used to authenticate to Prisma Cloud Enterprise programmatically?
What are two alarm types that are registered after alarms are enabled? (Choose two.)
While writing a custom RQL with array objects in the investigate page, which type of auto-suggestion a user can leverage?
Which two information types cannot be seen in the data security dashboard? (Choose two).
What is the order of steps to create a custom network policy?
(Drag the steps into the correct order of occurrence, from the first step to the last.)
One of the resources on the network has triggered an alert for a Default Config policy.
Given the following resource JSON snippet:
Which RQL detected the vulnerability?
A)
B)
C)
D)
Which three elements are part of SSH Events in Host Observations? (Choose three.)
Which of the below actions would indicate – “The timestamp on the compliance dashboard?
Which three steps are involved in onboarding an account for Data Security? (Choose three.)
A customer finds that an open alert from the previous day has been resolved. No auto-remediation was configured.
Which two reasons explain this change in alert status? (Choose two.)
What factor is not used in calculating the net effective permissions for a resource in AWS?
What will happen when a Prisma Cloud Administrator has configured agentless scanning in an environment that also has Host and Container Defenders deployed?
Which two options may be used to upgrade the Defenders with a Console v20.04 and Kubernetes deployment? (Choose two.)
A customer has Prisma Cloud Enterprise and host Defenders deployed.
What are two options that allow an administrator to upgrade Defenders? (Choose two.)
A user from an organization is unable to log in to Prisma Cloud Console after having logged in the previous day.
Which area on the Console will provide input on this issue?
When configuring SSO how many IdP providers can be enabled for all the cloud accounts monitored by Prisma Cloud?
Which two CI/CD plugins are supported by Prisma Cloud as part of its DevOps Security? (Choose two.).
What is the function of the external ID when onboarding a new Amazon Web Services (AWS) account in Prisma Cloud?
Put the steps of integrating Okta with Prisma Cloud in the right order in relation to CIEM or SSO okra integration.
Which step should a SecOps engineer implement in order to create a network exposure policy that identifies instances accessible from any untrusted internet sources?
In Prisma Cloud Software Release 22.06 (Kepler), which Registry type is added?
What improves product operationalization by adding visibility into feature utilization and missed opportunities?
Which three options are selectable in a CI policy for image scanning with Jenkins or twistcli? (Choose three.)
Console is running in a Kubernetes cluster, and Defenders need to be deployed on nodes within this cluster.
How should the Defenders in Kubernetes be deployed using the default Console service name?
A Prisma Cloud Administrator needs to enable a Registry Scanning for a registry that stores Windows images. Which of the following statement is correct regarding this process?
Which action would be applicable after enabling anomalous compute provisioning?
Which type of query is used for scanning Infrastructure as Code (laC) templates?
Which three types of buckets exposure are available in the Data Security module? (Choose three.)
Which three public cloud providers are supported for VM image scanning? (Choose three.)
A customer has serverless functions that are deployed in multiple clouds.
Which serverless cloud provider is covered be “overly permissive service access” compliance check?
A customer wants to be notified about port scanning network activities in their environment. Which policy type detects this behavior?
Which IAM Azure RQL query would correctly generate an output to view users who have sufficient permissions to create security groups within Azure AD and create applications?
A Prisma Cloud administrator is tasked with pulling a report via API. The Prisma Cloud tenant is located on app2.prismacloud.io.
What is the correct API endpoint?
A customer does not want alerts to be generated from network traffic that originates from trusted internal networks.
Which setting should you use to meet this customer’s request?
What is required for Prisma Cloud to successfully execute auto-remediation commands?
Which two processes ensure that builds can function after a Console upgrade? (Choose two.)
Which three actions are required in order to use the automated method within Azure Cloud to streamline the process of using remediation in the identity and access management (IAM) module? (Choose three.)
A manager informs the SOC that one or more RDS instances have been compromised and the SOC needs to make sure production RDS instances are NOT publicly accessible.
Which action should the SOC take to follow security best practices?
How does assigning an account group to an administrative user on Prisma Cloud help restrict access to resources?
What is the order of steps in a Jenkins pipeline scan?
(Drag the steps into the correct order of occurrence, from the first step to the last.)
You are an existing customer of Prisma Cloud Enterprise. You want to onboard a public cloud account and immediately see all of the alerts associated with this account based off ALL of your tenant’s existing enabled policies. There is no requirement to send alerts from this account to a downstream application at this time.
Which option shows the steps required during the alert rule creation process to achieve this objective?
An administrator needs to detect and alert on any activities performed by a root account.
Which policy type should be used?
During the Learning phase of the Container Runtime Model, Prisma Cloud enters a “dry run” period for how many hours?
A security team is deploying Cloud Native Application Firewall (CNAF) on a containerized web application. The application is running an NGINX container. The container is listening on port 8080 and is mapped to host port 80.
Which port should the team specify in the CNAF rule to protect the application?
Which two services require external notifications to be enabled for policy violations in the Prisma Cloud environment? (Choose two.)
Which two of the following are required to be entered on the IdP side when setting up SSO in Prisma Cloud? (Choose two.)