Practice Free PCCSE Exam Online Questions
Retrieve the Prisma Cloud Console images using ‘docker pull’.
A customer does not want alerts to be generated from network traffic that originates from trusted internal networks.
Which setting should you use to meet this customer’s request?
- A . Trusted Login IP Addresses
- B . Anomaly Trusted List
- C . Trusted Alert IP Addresses
- D . Enterprise Alert Disposition
Which three elements are part of SSH Events in Host Observations? (Choose three.)
- A . Startup process
- B . User
- C . System calls
- D . Process path
- E . Command
Which ROL query is used to detect certain high-risk activities executed by a root user in AWS?
- A . config from cloud.audit_logs where operation IN ( ‘ChangePassword’, ‘ConsoleLogin’, 1DeactivateMFADevice’, ‘DeleteAccessKey’ , ‘DeleteAlarms’ ) AND user = ‘root1
- B . event from cloud.security_logs where operation IN ( ‘ChangePassword’, ‘ConsoleLogin’, ‘DeactivateMFADevice1, ‘DeleteAccessKey’ , ‘DeleteAlarms’ ) AND user = ‘root’
- C . event from cloud.audit_logs where Risk.Level = ‘high1 AND user = ‘root’
- D . event from cloud.audit logs where operation IN ( ‘ChangePassword’, ‘ConsoleLogin’, DeactivateMFADevice’, ‘DeleteAccessKey’ , ‘DeleteAlarms’ ) AND user = ‘root’
Which two required request headers interface with Prisma Cloud API? (Choose two.)
- A . Content-type:application/json
- B . x-redlock-auth
- C . >x-redlock-request-id
- D . Content-type:application/xml
Which alert deposition severity must be chosen to generate low and high severity alerts in the Anomaly settings when user wants to report on an unknown browser and OS, impossible time travel, or both due to account hijacking attempts?
- A . High
- B . Aggressive
- C . Moderate
- D . Conservative
What factor is not used in calculating the net effective permissions for a resource in AWS?
- A . AWS 1AM policy
- B . Permission boundaries
- C . IPTables firewall rule
- D . AWS service control policies (SCPs)
What are two built-in RBAC permission groups for Prisma Cloud? (Choose two.)
- A . Group Membership Admin
- B . Group Admin
- C . Account Group Admin
- D . Account Group Read Only
A customer wants to scan a serverless function as part of a build process.
Which twistcli command can be used to scan serverless functions?
- A . twistcli function scan <SERVERLESS_FUNCTION.ZIP>
- B . twistcli scan serverless <SERVERLESS_FUNCTION.ZIP>
- C . twistcli serverless AWS <SERVERLESS_FUNCTION.ZIP>
- D . twiscli serverless scan <SERVERLESS_FUNCTION.ZIP>
Which Defender type performs registry scanning?
- A . Serverless
- B . Container
- C . Host
- D . RASP