Practice Free PCCSE Exam Online Questions – Page 7

Question #61

Which resource and policy type are used to calculate AWS Net Effective Permissions? (Choose two.)

A . Service Linked Roles
B . Lambda Function
C . Amazon Resource Names (ARNs) using Wild Cards
D . AWS Service Control Policies (SCPs)

Reveal Solution Hide Solution

Question #62

Prisma Cloud supports sending audit event records to which three targets? (Choose three.)

A . SNMP Traps
B . Stdout
C . Netflow
D . Prometheus
E . Syslog

Reveal Solution Hide Solution

Question #63

Given this information:

The Console is located at https://prisma-console.mydomain.local The username is: cluster

The password is: password123

The image to scan is: myimage:latest

Which twistcli command should be used to scan a Container for vulnerabilities and display the details about each vulnerability?

A . twistcli images scan –console-address https://prisma-console.mydomain.local -u cluster -p password123 — details myimage:latest
B . twistcli images scan –console-address prisma-console.mydomain.local -u cluster -p password123 – – vulnerability-details myimage:latest
C . twistcli images scan –address prisma-console.mydomain.local -u cluster -p password123 — vulnerability- details myimage:latest
D . twistcli images scan –address https://prisma-console.mydomain.local -u cluster -p password123 — details myimage:latest

Reveal Solution Hide Solution

Question #64

An administrator wants to install the Defenders to a Kubernetes cluster. This cluster is running the console on the default service endpoint and will be exporting to YAML.

Console Address: $CONSOLE_ADDRESS Websocket Address: $WEBSOCKET_ADDRESS User:

$ADMIN_USER

Which command generates the YAML file for Defender install?

A . <PLATFORM>/twistcli defender
–address $CONSOLE_ADDRESS
–user $ADMIN_USER
–cluster-address $CONSOLE_ADDRESS
B . <PLATFORM>/twistcli defender export kubernetes
–address $WEBSOCKET_ADDRESS
–user $ADMIN_USER
–cluster-address $CONSOLE_ADDRESS
C . <PLATFORM>/twistcli defender YAML kubernetes
–address $CONSOLE_ADDRESS
–user $ADMIN_USER
–cluster-address $WEBSOCKET_ADDRESS
D . <PLATFORM>/twistcli defender export kubernetes
–address $CONSOLE_ADDRESS
–user $ADMIN_USER
–cluster-address $WEBSOCKET_ADDRESS

Reveal Solution Hide Solution

Question #65

In which two ways can Prisma Cloud images be retrieved in Prisma Cloud Compute Self-Hosted Edition? (Choose two.)

A . Pull the images from the Prisma Cloud registry without any authentication.
B . Authenticate with Prisma Cloud registry, and then pull the images from the Prisma Cloud registry.
C . Retrieve Prisma Cloud images using URL auth by embedding an access token.
D . Download Prisma Cloud images from github.paloaltonetworks.com.

Reveal Solution Hide Solution

Question #65

In which two ways can Prisma Cloud images be retrieved in Prisma Cloud Compute Self-Hosted Edition? (Choose two.)

A . Pull the images from the Prisma Cloud registry without any authentication.
B . Authenticate with Prisma Cloud registry, and then pull the images from the Prisma Cloud registry.
C . Retrieve Prisma Cloud images using URL auth by embedding an access token.
D . Download Prisma Cloud images from github.paloaltonetworks.com.

Reveal Solution Hide Solution

Question #67

Which IAM Azure RQL query would correctly generate an output to view users who have sufficient permissions to create security groups within Azure AD and create applications?

A . config where api.name = ‘azure-active-directory-authorization-policy’ AND son.rule = defaultUserRolePermissions.allowedToCreateSecurityGroups is true and defaultUserRolePermissions.allowedToCreateApps is true
B . config from cloud.resource where api.name = ‘azure-active-directory-authorization-policy’ AND json.rule = defaultUserRolePermissions exists
C . config from network where api.name = ‘azure-active-directory-authorization-policy’ AND json.rule = defaultUserRolePermissions.allowedToCreateSecurityGroups is false and defaultUserRolePermissions.allowedToCreateApps is true
D . config from cloud.resource where api.name = ‘azure-active-directory-authorization-policy’ AND json.rule = defaultUserRolePermissions.allowedToCreateSecurityGroups is true and defaultUserRolePermissions.allowedToCreateApps is true

Reveal Solution Hide Solution

Correct Answer: D
D

Explanation:

The correct RQL query to view users who have sufficient permissions to create security groups within Azure AD and create applications is option D. This query is specifically designed to assess policies within Azure Active Directory (Azure AD) by checking the authorization policy settings related to user default role permissions. The query targets the azure-active-directory-authorization-policy API to fetch configurations (config from cloud.resource) and then filters those configurations based on the JSON rules that dictate whether users are allowed to create security groups (defaultUserRolePermissions.allowedToCreateSecurityGroups is true) and applications (defaultUserRolePermissions.allowedToCreateApps is true). This query provides a comprehensive check by ensuring both conditions are met, which is necessary for users to have the combined capabilities of creating security groups and applications within Azure AD.

In the context of Prisma Cloud and cloud security principles, the RQL (Resource Query Language) is utilized for querying the configuration state of resources within cloud environments to ensure compliance with security policies. The RQL syntax in option D precisely aligns with the requirements for identifying users with specific permissions, leveraging Prisma Cloud’s capability to provide visibility and control over cloud resources, as emphasized in various resources like the "Prisma Cloud Visibility and Control Qualification Guide" and the "Guide to Cloud Security Posture Management Tools." These documents highlight the importance of continuous monitoring and validation of cloud resource configurations to maintain a secure and compliant cloud environment, which is effectively achieved through targeted RQL queries like the one in option D.

Reference: "Prisma Cloud Visibility and Control Qualification Guide" discusses the importance of visibility and compliance in cloud environments, which is directly applicable to the use of RQL for querying resource configurations.

"Guide to Cloud Security Posture Management Tools" emphasizes the need for comprehensive visibility and governance across cloud environments, further supporting the rationale behind the specific RQL query used to assess user permissions in Azure AD.

Question #68

Which two information types cannot be seen in the data security dashboard? (Choose two).

A . Bucket owner
B . Object Data Profile by Region
C . Top Publicly Exposed Objects By Data Profile
D . Object content
E . Total objects

Reveal Solution Hide Solution

Question #69

Which policy type should be used to detect and alert on cryptominer network activity?

A . Audit event
B . Anomaly
C . Config-build
D . Config-run

Reveal Solution Hide Solution

Question #70

Based on the following information, which RQL query will satisfy the requirement to identify VM hosts deployed to organization public cloud environments exposed to network traffic from the internet and affected by Text4Shell RCE (CVE-2022-42889) vulnerability?

• Network flow logs from all virtual private cloud (VPC) subnets are ingested to the Prisma Cloud Enterprise Edition tenant.

• All virtual machines (VMs) have Prisma Cloud Defender deployed.

A)

A . Option A
B . Option B
C . Option C
D . Option D

Reveal Solution Hide Solution

1 2 3 4 5 6 7 8 9

Exams