PCCSE Online Practice Questions and Answers

The Unusual protocol activity (Internal) network anomaly is generating too many alerts. An administrator has been asked to tune it to the option that will generate the least number of events without disabling it entirely. Which strategy should the administrator use to achieve this goal?

A. Disable the policy

B. Set the Alert Disposition to Conservative

C. Change the Training Threshold to Low

D. Set Alert Disposition to Aggressive

A customer has a requirement to scan serverless functions for vulnerabilities. Which three settings are required to Configure serverless scanning? (Choose three.)

A. Defender Name

B. Region

C. Credential

D. Console Address

E. Provider

A customer has serverless functions that are deployed in multiple clouds.

Which serverless cloud provider is covered be "overly permissive service access" compliance check?

A. Alibaba

B. GCP

C. AWS

D. Azure

Which three public cloud providers are supported for VM image scanning? (Choose three.)

A. GCP

B. Alibaba

C. Oracle

D. AWS

E. Azure

Which two attributes are required for a custom config RQL? (Choose two.)

A. json.rule

B. cloud.account

C. api.name

D. tag

Which RQL will trigger the following audit event activity?

A. event from cloud.audit_logs where operation = ConsoleLogin AND user = ‘root

A customer wants to monitor its Amazon Web Services (AWS) accounts via Prisma Cloud, but only needs the resource configuration to be monitored at present. Which two pieces of information are needed to onboard this account? (Choose two.)

A. CloudTrail

B. Role ARN

C. Active Directory ID

D. External ID

What is a benefit of the Cloud Discovery feature?

A. It does not require any specific permissions to be granted before use.

B. It enables engineers to continuously monitor all accounts and report on the services that are unprotected.

C. It offers coverage for serverless functions on AWS only.

D. It helps engineers find all cloud-native services being used only on AWS.