A customer is interested in PCI requirements and needs to ensure that no privilege containers can start in the environment.
Which action needs to be set for `do not use privileged containers`?
A customer is interested in PCI requirements and needs to ensure that no privilege containers can start in the environment.
Which action needs to be set for `do not use privileged containers`?
To ensure that no privileged containers can start in the environment, the appropriate action is to set it to 'Block.' Blocking ensures that the Defender stops the entire container if it attempts to violate the policy by being privileged. This action is more effective than merely alerting or preventing individual processes, as it stops the container from starting in the first place.
Correct anser is Block. Block — Defender stops the entire container if a process that violates your policy attempts to run. https://docs.prismacloudcompute.com/docs/enterprise_edition/runtime_defense/runtime_defense_containers.html#_effect
ID: 5054 Type: container Severity: critical Action: Ignore, Alert or Bolock Description: Do not use privileged containers
CORRECT ANSWER IS C
C Prevent — Defender stops the process (and just the process) that violates your policy from executing. This is known as discrete blocking. Block — Defender stops the entire container if a process that violates your policy attempts to run.
Option c IS CORRECT. https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/compliance/manage_compliance#:~:text=The%20flow%20for%20blocking%20such%20a%20container%20is%3A,deploy%20a%20container%20to%20the%20environment.%20More%20items