Examice

Exam PCCSE All QuestionsBrowse all questions from this exam

Question 95

A customer has a requirement to restrict any container from resolving the name www.evil-url.com.

How should the administrator configure Prisma Cloud Compute to satisfy this requirement?

Choose “copy into rule” for any Container, set www.evil-url.com as a blocklisted DNS name in the Container policy and set the policy effect to alert.

Set www.evil-url.com as a blocklisted DNS name in the default Container runtime policy, and set the effect to block.

Choose “copy into rule” for any Container, set www.evil-url.com as a blocklisted DNS name, and set the effect to prevent.

Set www.evil-url.com as a blocklisted DNS name in the default Container policy and set the effect to prevent.

Correct Answer: D

To satisfy the requirement of restricting any container from resolving the name www.evil-url.com, the administrator should set www.evil-url.com as a blocklisted DNS name in the default Container policy and set the effect to prevent. This approach ensures that any container under the default policy will be prevented from resolving the undesirable DNS name, adhering to the requirement without blocking the container itself.

Discussion

SpippoloOption: D

D --> I think D, because we have to restrict any container from resolving, we don't need to block the container; so, the correct answer should be "prevent" by default.

marcosvportoOption: D

The question does not refer to delete the container, just to restrict the container from resolving the DNS name. So I would go with D.

Chichi23Option: B

B. Set www.evil-url.com as a blocklisted DNS name in the default Container runtime policy, and set the effect to block.

HARRYOption: D

D is Correct