Here you have the best Palo Alto Networks PCCSE practice exam questions
Given a default deployment of Console, a customer needs to identify the alerted compliance checks that are set by default.
Where should the customer navigate in Console?
To identify the alerted compliance checks in a default deployment of Console, the customer should navigate to Monitor > Compliance. This section is designed to help users monitor and review compliance statuses, including any alerts triggered by compliance checks. Options under 'Monitor' typically provide visibility into ongoing system operations and alerts.
Which container scan is constructed correctly?
The correct construction of the 'twistcli images scan' command includes both authentication flags (-u and -p) and the appropriate --address flag with a URL as well as the container image name at the end. The --docker-address flag is used to specify the Docker socket, not a URL. Therefore, the correct command is the one that uses --address to specify the URL and the image name, which matches the syntax of option C.
The development team wants to fail CI jobs where a specific CVE is contained within the image.
How should the development team configure the pipeline or policy to produce this outcome?
To fail CI jobs when a specific CVE is present within the image, the development team should configure the CI policy in the Console. This allows for the creation of rules and conditions that directly target the build process, ensuring that any image containing the specific CVE will fail the CI job.
Which three types of classifications are available in the Data Security module? (Choose three.)
The three types of classifications available in the Data Security module are Personally Identifiable Information, Financial Information, and Malware. These categories encompass sensitive personal data, crucial financial records, and harmful software threats, all of which are critical areas of focus in data security to protect against unauthorized access and malicious activities.
A customer has a requirement to terminate any Container from image topSecret:latest when a process named ransomWare is executed.
How should the administrator configure Prisma Cloud Compute to satisfy this requirement?
To meet the requirement of terminating any container from the image topSecret:latest when the ransomWare process is executed, the administrator should choose the option that ensures the entire container is stopped if the process violates the policy. The correct approach involves adding a ransomWare process to the denied process list and setting the action to 'block', as this action will terminate the entire container, not just the offending process.