Prepare PCCSE Exam Questions [2024] Recently Updated Questions [Q135-Q152]

4/5 - (3 votes)

Prepare PCCSE Exam Questions [2024] Recently Updated Questions

Give push to your success with PCCSE exam questions

To be eligible to take the PCCSE exam, candidates must have at least one year of experience in cloud security and hold a current certification in either the Palo Alto Networks Certified Network Security Engineer (PCNSE) or the Palo Alto Networks Certified Prisma Access Security Engineer (PCSSE) exam. The PCCSE exam is a proctored exam that can be taken online from anywhere in the world. PCCSE exam consists of 60 multiple-choice questions and must be completed within 120 minutes.

NEW QUESTION 135
The security auditors need to ensure that given compliance checks are being run on the host. Which option is a valid host compliance policy?

Ensure compliant Docker daemon configuration

Ensure functions are not overly permissive.

Ensure images are created with a non-root user

Ensure host devices are not directly exposed to containers.

NEW QUESTION 136
An administrator needs to write a script that automatically deactivates access keys that have not been used for
30 days.
In which order should the API calls be used to accomplish this task? (Drag the steps into the correct order from the first step to the last.) Select and Place:

NEW QUESTION 137
Which two actions are required in order to use the automated method within Amazon Web Services (AWS) Cloud to streamline the process of using remediation in the identity and access management (IAM) module?
(Choose two.)

Install boto3 & requests library.

Configure IAM Azure remediation script.

Integrate with Azure Service Bus.

Configure IAM AWS remediation script.

To utilize the automated method for remediation within the Amazon Web Services (AWS) Cloud, specifically for the Identity and Access Management (IAM) module, two critical actions are required: installing the boto3 and requests libraries, and configuring the IAM AWS remediation script.
The boto3 library is AWS’s SDK for Python, allowing Python developers to write software that makes use of services like Amazon S3 and Amazon EC2. The requests library is a Python HTTP library designed for human beings, enabling easy interaction with HTTP services. Together, these libraries are foundational for scripting AWS services, including automating remediation tasks within IAM.
Configuring the IAM AWS remediation script is the second critical step. This script is tailored to interact with AWS IAM to automate the remediation of identified security issues, such as excessive permissions, unused IAM roles, or improperly configured policies. The script uses the boto3 library to communicate with AWS services, applying the necessary changes to align IAM configurations with security best practices.
These actions are essential for leveraging automation to enhance IAM security within AWS, ensuring that IAM configurations adhere to the principle of least privilege and other security best practices. This approach aligns with Prisma Cloud’s capabilities and recommendations for cloud security, emphasizing the importance of automation in maintaining a robust security posture, as discussed in resources like the “Prisma Cloud Visibility and Control Qualification Guide” and the “Guide to Cloud Security Posture Management Tools.” References:
* “Prisma Cloud Visibility and Control Qualification Guide” highlights the significance of automated security controls and remediation within cloud environments, supporting the use of scripts and libraries for IAM remediation in AWS.
* “Guide to Cloud Security Posture Management Tools” emphasizes the importance of automation in cloud security, particularly for managing and remediating IAM configurations to ensure compliance and minimize risks.

NEW QUESTION 138
In which two ways can Prisma Cloud images be retrieved in Prisma Cloud Compute Self-Hosted Edition?
(Choose two.)

Pull the images from the Prisma Cloud registry without any authentication.

Authenticate with Prisma Cloud registry, and then pull the images from the Prisma Cloud registry.

Retrieve Prisma Cloud images using URL auth by embedding an access token.

Download Prisma Cloud images from github.paloaltonetworks.com.

NEW QUESTION 139
A customer has a requirement to restrict any container from resolving the name www.evil-url.com.
How should the administrator configure Prisma Cloud Compute to satisfy this requirement?

Choose “copy into rule” for any Container, set www.evil-url.com as a blocklisted DNS name in the Container policy and set the policy effect to alert.

Set www.evil-url.com as a blocklisted DNS name in the default Container runtime policy, and set the effect to block.

Choose “copy into rule” for any Container, set www.evil-url.com as a blocklisted DNS name, and set the effect to prevent.

Set www.evil-url.com as a blocklisted DNS name in the default Container policy and set the effect to prevent.

NEW QUESTION 140
What is the behavior of Defenders when the Console is unreachable during upgrades?

Defenders will fail open until the web-socket can be reestablished.

Defenders will fail closed until the web-socket can be re-established

Defenders continue to alert, but not enforce, using the policies and settings most recently cached before upgrading the Console.

Defenders continue to alert and enforce using the policies and settings most recently cached before upgrading the Console.

NEW QUESTION 141
Which order of steps map a policy to a custom compliance standard?
(Drag the steps into the correct order of occurrence, from the first step to the last.)

NEW QUESTION 142
Which alerts are fixed by enablement of automated remediation?

All applicable open alerts regardless of when they were generated, with alert status updated to
“resolved”

Only the open alerts that were generated before the enablement of remediation, with alert status updated to “resolved”

All applicable open alerts regardless of when they were generated, with alert status updated to
“dismissed”

Only the open alerts that were generated after the enablement of remediation, with alert status updated to
“resolved”

NEW QUESTION 143
How is the scope of each rule determined in the Prisma Cloud Compute host runtime policy?

By the collection assigned to that rule

By the target workload

By the order in which it is created

By the type of network traffic it controls

NEW QUESTION 144
An administrator has been tasked with a requirement by your DevSecOps team to write a script to continuously query programmatically the existing users, and the user’s associated permission levels, in a Prisma Cloud Enterprise tenant.
Which public documentation location should be reviewed to help determine the required attributes to carry out this step?

Prisma Cloud Administrator’s Guide (Compute)

Prisma Cloud API Reference

Prisma Cloud Compute API Reference

Prisma Cloud Enterprise Administrator’s Guide

NEW QUESTION 145
Which policy type in Prisma Cloud can protect against malware?

Data

Config

Network

Event

NEW QUESTION 146
A customer is reviewing Container audits, and an audit has identified a cryptominer attack. Which three options could have generated this audit? (Choose three.)

The value of the mined currency exceeds $100.

High CPU usage over time for the container is detected.

Common cryptominer process name was found.

The mined currency is associated with a user token.

Common cryptominer port usage was found.

NEW QUESTION 147
What is the function of the external ID when onboarding a new Amazon Web Services (AWS) account in Prisma Cloud?

It is a UUID that establishes a trust relationship between the Prisma Cloud account and the AWS account in order to extract data.

It is the default name of the PrismaCloudApp stack.

It is the resource name for the Prisma Cloud Role.

It is a unique identifier needed only when Monitor & Protect mode is selected.

NEW QUESTION 148
An administrator has been tasked with creating a custom service that will download any existing compliance report from a Prisma Cloud Enterprise tenant.
In which order will the APIs be executed for this service?
(Drag the steps into the correct order of occurrence, from the first step to the last.)

NEW QUESTION 149
What will happen when a Prisma Cloud Administrator has configured agentless scanning in an environment that also has Host and Container Defenders deployed?

Agentless scan will automatically be disabled, so Defender scans are the only scans occurring.

Agentless scans do not conflict with Defender scans, so both will run.

Defender scans will automatically be disabled, so agentless scans are the only scans occurring.

Both agentless and Defender scans will be disabled and an error message will be received.

NEW QUESTION 150
An administrator has deployed Console into a Kubernetes cluster running in AWS. The administrator also has configured a load balancer in TCP passthrough mode to listen on the same ports as the default Prisma Compute Console configuration.
In the build pipeline, the administrator wants twistcli to talk to Console over HTTPS. Which port will twistcli need to use to access the Prisma Compute APIs?

8084

443

8083

8081

NEW QUESTION 151
The compliance team needs to associate Prisma Cloud policies with compliance frameworks. Which option should the team select to perform this task?

Custom Compliance

Policies

Compliance

Alert Rules

NEW QUESTION 152
The development team is building pods to host a web front end, and they want to protect these pods with an application firewall.
Which type of policy should be created to protect this pod from Layer7 attacks?

The development team should create a WAAS rule for the host where these pods will be running.

The development team should create a WAAS rule targeted at all resources on the host.

The development team should create a runtime policy with networking protections.

The development team should create a WAAS rule targeted at the image name of the pods.