Palo Alto Networks Exam PCCSE Topic 1 Question 6 Discussion

Actual exam question for Palo Alto Networks's PCCSE exam

Question #: 6
Topic #: 1

A S3 bucket within AWS has generated an alert by violating the Prisma Cloud Default policy "AWS S3 buckets are accessible to public" The policy definition follows:

config where cloud type = 'aws' AND api name='aws-s3api-get-bucket-acr AND json.rule="((((acl grants{?(@ grantee='AllUsers')] size > 0) or policyStatusisPubiic is true) and publicAccessBlockConfiguration does not exist) or ((ad.grantsp(@ grantee=='AII Users')] size > 0) and publicAccessBlockConfiguration ignorePubhcAds is false) or (policyStatus isPublic is true and publicAccessBlockConfiguration.restrictPublicBuckets is false)) and websiteConfiguration does not exist" Why did this alert get generated?

Aanomalous behaviors

Bnetwork traffic to the S3 bucket

Cconfiguration of the S3 bucket

Dan event within the cloud account

Show Suggested Answer

Suggested Answer: A

by Rolande at May 10, 2022, 01:37 AM

Limited Time Offer

25%

Off

Get Premium PCCSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel

Currently there are no comments in this discussion, be the first to comment!