Exam PCCSE
Question 22

An S3 bucket within AWS has generated an alert by violating the Prisma Cloud Default policy `AWS S3 buckets are accessible to public`. The policy definition follows:

```
config where cloud.type = 'aws' AND api.name='aws-s3api-get-bucket-acl' AND json.rule="((((acl.grants[?(@.grantee=='AllUsers')] size > 0) or policyStatus.isPublic is true) and publicAccessBlockConfiguration does not exist) or ((acl.grants[?(@.grantee=='AllUsers')] size > 0) and publicAccessBlockConfiguration.ignorePublicAcls is false) or (policyStatus.isPublic is true and publicAccessBlockConfiguration.restrictPublicBuckets is false)) and websiteConfiguration does not exist"
```

Why did this alert get generated?

Correct Answer: C

The alert was generated due to the configuration of the S3 bucket. The policy checks for conditions that would make the bucket publicly accessible, such as certain ACL grants, public access configurations, and the absence of specific blocking configurations. These are all related to how the bucket is set up and configured, not traffic or events.
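The rule's three branches, restated in Python and run over bucket configuration snapshots, show which stored settings trigger the alert. This is an added example, not part of the original page and not Prisma Cloud's own evaluator. It assumes that a missing `publicAccessBlockConfiguration` makes the `is false` comparisons not match; the snapshots and their `permission` and `indexDocument` values are constructed.

```python
# Added example: Python restatement of the policy's json.rule, evaluated over
# constructed bucket config snapshots (not Prisma Cloud's own evaluator).

def has_allusers_grant(cfg):
    """acl.grants[?(@.grantee=='AllUsers')] size > 0"""
    grants = cfg.get("acl", {}).get("grants", [])
    return any(g.get("grantee") == "AllUsers" for g in grants)

def violates_policy(cfg):
    """True when the snapshot matches the policy's json.rule."""
    acl_public = has_allusers_grant(cfg)
    policy_public = cfg.get("policyStatus", {}).get("isPublic") is True
    pab = cfg.get("publicAccessBlockConfiguration")  # None means "does not exist"
    no_website = "websiteConfiguration" not in cfg
    # Branch 1: public via ACL or bucket policy, and no Public Access Block at all
    branch1 = (acl_public or policy_public) and pab is None
    # Branch 2: public ACL grant that the Public Access Block does not ignore
    branch2 = acl_public and pab is not None and pab.get("ignorePublicAcls") is False
    # Branch 3: public bucket policy that the Public Access Block does not restrict
    branch3 = policy_public and pab is not None and pab.get("restrictPublicBuckets") is False
    return (branch1 or branch2 or branch3) and no_website

# Constructed snapshots; field values are illustrative assumptions.
PUBLIC_ACL = {"grants": [{"grantee": "AllUsers", "permission": "READ"}]}
SAMPLES = {
    "acl-public-no-pab": {"acl": PUBLIC_ACL},
    "acl-public-pab-ignores": {"acl": PUBLIC_ACL,
        "publicAccessBlockConfiguration": {"ignorePublicAcls": True, "restrictPublicBuckets": True}},
    "policy-public-pab-off": {"policyStatus": {"isPublic": True},
        "publicAccessBlockConfiguration": {"ignorePublicAcls": True, "restrictPublicBuckets": False}},
    "static-website": {"policyStatus": {"isPublic": True},
        "websiteConfiguration": {"indexDocument": "index.html"}},
    "private": {"acl": {"grants": [{"grantee": "owner-id", "permission": "FULL_CONTROL"}]}},
}

def evaluate_all(samples=SAMPLES):
    """Map each snapshot name to whether the policy would alert on it."""
    return {name: violates_policy(cfg) for name, cfg in samples.items()}

if __name__ == "__main__":
    for name, hit in evaluate_all().items():
        print(f"{name:24} {'ALERT' if hit else 'ok'}")
```

Every input to the decision is a stored bucket setting (ACL grants, policy status, Public Access Block, website configuration), and the `static-website` snapshot shows the final `websiteConfiguration does not exist` clause suppressing an otherwise matching bucket.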

Discussion
[Removed] Option: C

`websiteConfiguration does not exist` concerns config, not traffic. Therefore, the correct answer is C.

assadhashmi Option: C

Correct option is C

Spippolo Option: C

For exclusion "C".

kumar_57 Option: C

Yes, correct option is C.