- All Exams Instant Download
How are the following categorized?
How are the following categorized? Backdoor account access Hijacked processes Lateral movement Port scanningA . auditsB . incidentsC . admission controllersD . modelsView AnswerAnswer: B
Which RQL detected the vulnerability?
One of the resources on the network has triggered an alert for a Default Config policy. Given the following resource JSON snippet: Which RQL detected the vulnerability? A) B) C) D) A . Option AB . Option BC . Option CD . Option DView AnswerAnswer: B
Which action should the SOC take to follow security best practices?
A manager informs the SOC that one or more RDS instances have been compromised and the SOC needs to make sure production RDS instances are NOT publicly accessible. Which action should the SOC take to follow security best practices?A . Enable “AWS S3 bucket is publicly accessible” policy and manually...
Which three options are selectable in a CI policy for image scanning with Jenkins or twistcli? (Choose three.)
Which three options are selectable in a CI policy for image scanning with Jenkins or twistcli? (Choose three.)A . Scope - Scans run on a particular hostB . CredentialC . Apply rule only when vendor fixes are availableD . Failure thresholdE . Grace PeriodView AnswerAnswer: B,D,E
Which two required request headers interface with Prisma Cloud API? (Choose two.)
Which two required request headers interface with Prisma Cloud API? (Choose two.)A . Content-type:application/jsonB . x-redlock-authC . >x-redlock-request-idD . Content-type:application/xmlView AnswerAnswer: A,B Explanation: Reference: https://prisma.pan.dev/api/cloud/api-headers/
Which statement is true regarding CloudFormation templates?
Which statement is true regarding CloudFormation templates?A . Scan support does not currently exist for nested references, macros, or intrinsic functions.B . A single template or a zip archive of template files cannot be scanned with a single API request.C . Request-Header-Field ‘cloudformation-version’ is required to request a scan.D ....
Which option identifies the Prisma Cloud Compute Edition?
Which option identifies the Prisma Cloud Compute Edition?A . Package installed with APTB . Downloadable, self-hosted softwareC . Software-as-a-Service (SaaS)D . Plugin to Prisma CloudView AnswerAnswer: B Explanation: Reference: https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/welcome/pcee_vs_pcce.html
If you are required to run in an air-gapped environment, which product should you install?
If you are required to run in an air-gapped environment, which product should you install?A . Prisma Cloud Jenkins PluginB . Prisma Cloud Compute EditionC . Prisma Cloud with self-hosted pluginD . Prisma Cloud Enterprise EditionView AnswerAnswer: B Explanation: Reference: https://docs.paloaltonetworks.com/prisma/prisma-cloud.html
When would a policy apply if the policy is set under Defend > Vulnerability > Images > Deployed?
When would a policy apply if the policy is set under Defend > Vulnerability > Images > Deployed?A . when a serverless repository is scannedB . when a Container is started form an ImageC . when the Image is built and when a Container is started form an ImageD ....
How should the administrator scope the policy to target the Containers?
The security team wants to target a CNAF policy for specific running Containers . How should the administrator scope the policy to target the Containers?A . scope the policy to Image names.B . scope the policy to namespaces.C . scope the policy to Defender names.D . scope the policy to...
