palo-alto-networks pccse practice test

Prisma Certified Cloud Security Engineer


Question 1

A customer has a requirement to scan serverless functions for vulnerabilities.
Which three settings are required to configure serverless scanning? (Choose three.)

  • A. Defender Name
  • B. Region
  • C. Credential
  • D. Console Address
  • E. Provider
Answer:

B C E

Explanation:
Reference: https://docs.paloaltonetworks.com/prisma/prisma-cloud/21-04/prisma-cloud-compute-edition-
admin/vulnerability_management/serverless_functions.html

Discussions

Question 2

DRAG DROP
Move the steps to the correct order to set up and execute a serverless scan using AWS DevOps.
Select and Place:

Answer:

Discussions

Question 3

A customer is deploying Defenders to a Fargate environment. It wants to understand the vulnerabilities in the image it is
deploying.
How should the customer automate vulnerability scanning for images deployed to Fargate?

  • A. Set up a vulnerability scanner on the registry
  • B. Embed a Fargate Defender to automatically scan for vulnerabilities
  • C. Designate a Fargate Defender to serve a dedicated image scanner
  • D. Use Cloud Compliance to identify misconfigured AWS accounts
Answer:

A

Explanation:
Reference: https://blog.paloaltonetworks.com/prisma-cloud/securing-aws-fargate-tasks/

Discussions

Question 4

A customer is reviewing Container audits, and an audit has identified a cryptominer attack.
Which three options could have generated this audit? (Choose three.)

  • A. The value of the mined currency exceeds $100.
  • B. High CPU usage over time for the container is detected.
  • C. Common cryptominer process name was found.
  • D. The mined currency is associated with a user token.
  • E. Common cryptominer port usage was found.
Answer:

B C D

Discussions

Question 5

An administrator wants to install the Defenders to a Kubernetes cluster. This cluster is running the console on the default
service endpoint and will be exporting to YAML.
Console Address: $CONSOLE_ADDRESS

Websocket Address: $WEBSOCKET_ADDRESS User: $ADMIN_USER


Which command generates the YAML file for Defender install?

  • A. /twistcli defender \ --address $CONSOLE_ADDRESS \ --user $ADMIN_USER \ --cluster-address $CONSOLE_ADDRESS
  • B. /twistcli defender export kubernetes \ --address $WEBSOCKET_ADDRESS \ --user $ADMIN_USER \ --cluster-address $CONSOLE_ADDRESS
  • C. /twistcli defender YAML kubernetes \ --address $CONSOLE_ADDRESS \ --user $ADMIN_USER \ --cluster-address $WEBSOCKET_ADDRESS
  • D. /twistcli defender export kubernetes \ --address $CONSOLE_ADDRESS \ --user $ADMIN_USER \ --cluster-address $WEBSOCKET_ADDRESS
Answer:

D

Explanation:
Reference: https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-
compute/install/install_kubernetes.html

Discussions

Question 6

DRAG DROP
What is the order of steps to create a custom network policy?
(Drag the steps into the correct order of occurrence, from the first step to the last.)
Select and Place:

Answer:

Explanation:
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-policies/
create-a-policy.html

Discussions

Question 7

What are the two ways to scope a CI policy for image scanning? (Choose two.)

  • A. container name
  • B. image name
  • C. hostname
  • D. image labels
Answer:

B D

Explanation:
Reference: https://www.optiv.com/insights/source-zero/blog/defending-against-container-threats-palo-alto-prisma-cloud

Discussions

Question 8

Which options show the steps required after upgrade of Console?

  • A. Uninstall Defenders Upgrade Jenkins Plugin Upgrade twistcli where applicable Allow the Console to redeploy the Defender
  • B. Update the Console image in the Twistlock hosted registry Update the Defender image in the Twistlock hosted registry Uninstall Defenders
  • C. Upgrade Defenders Upgrade Jenkins Plugin Upgrade twistcli where applicable
  • D. Update the Console image in the Twistlock hosted registry Update the Defender image in the Twistlock hosted registry Redeploy Console
Answer:

C

Discussions

Question 9

DRAG DROP
An administrator needs to write a script that automatically deactivates access keys that have not been used for 30 days.
In which order should the API calls be used to accomplish this task?
(Drag the steps into the correct order from the first step to the last.)
Select and Place:

Answer:

Discussions

Question 10

An administrator has been tasked with a requirement by your DevSecOps team to write a script to continuously query
programmatically the existing users, and the users associated permission levels, in a Prisma Cloud Enterprise tenant.
Which public documentation location should be reviewed to help determine the required attributes to carry out this step?

  • A. Prisma Cloud Administrator’s Guide (Compute)
  • B. Prisma Cloud API Reference
  • C. Prisma Cloud Compute API Reference
  • D. Prisma Cloud Enterprise Administrator’s Guide
Answer:

D

Explanation:
Reference: https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin.html

Discussions
To page 2