Palo Alto Networks Exam PCCSE Topic 4 Question 89 Discussion

Actual exam question for Palo Alto Networks's PCCSE exam
Question #: 89
Topic #: 4

A customer's Security Operations Center (SOC) team wants to receive alerts from Prisma Cloud via email once a day about all policies that have a violation, rather than receiving an alert every time a new violation occurs.

Which alert rule configuration meets this requirement?

Suggested Answer: D

To receive daily email alerts for all policy violations, the SOC team should configure an alert rule that encompasses all policies and sets the notification frequency to once per day. This can be achieved by:

Navigating to the "Policies" tab within the alert rule configuration and selecting "All Policies" to ensure that the rule applies to every policy.

Moving to the "Set Alert Notifications" tab and choosing the "Email" notification method.

Setting the notification to "Recurring" with a frequency of every 1 day.

Enabling the email notification by specifying the recipient's email address.

This configuration ensures that the SOC team will receive a consolidated email once a day that includes information on all policies that have been violated, rather than receiving multiple alerts throughout the day as new violations occur. It allows the team to review the compliance status efficiently and prioritize their response accordingly.


Contribute your Thoughts:

Mary
2 months ago
I'm feeling a bit mischievous today, so I'm going to go with C. Who doesn't love a good challenge, right? Plus, it'll look great on my resume if I can figure out the email integration thing.
upvoted 0 times
Janey
1 month ago
Lucia: Yeah, B sounds like the right configuration for the SOC team's requirement.
upvoted 0 times
...
Alaine
1 month ago
B seems like the best option. It allows for daily email alerts for high-risk severity policies.
upvoted 0 times
...
Lucia
1 month ago
I agree, C is more about setting up email integrations, not configuring alert rules.
upvoted 0 times
...
Cherry
2 months ago
I think C is not the right choice for this requirement.
upvoted 0 times
...
...
Detra
3 months ago
D all the way! Why complicate things when you can just select 'All Policies' and get the daily email? Gotta love that efficiency.
upvoted 0 times
...
Tawanna
3 months ago
Hmm, I'm not sure about C. Seems like a lot of extra setup with the email integrations and notification templates. I'd go with D for simplicity.
upvoted 0 times
Carmelina
2 months ago
D is the way to go for sure.
upvoted 0 times
...
Kyoko
2 months ago
Yeah, D is straightforward and meets the requirement.
upvoted 0 times
...
An
2 months ago
I agree, D seems like the simplest option.
upvoted 0 times
...
...
Mari
3 months ago
I'm not sure, but option D also seems like a good choice since it sends daily alerts for all policies, not just high risk severity ones.
upvoted 0 times
...
Jesusita
3 months ago
I think B is the right choice. Focusing on 'High Risk Severity Policies' and setting the email to be recurring daily is a more targeted approach.
upvoted 0 times
...
Solange
3 months ago
Option D seems straightforward and meets the requirement. Selecting 'All Policies' and setting the email notification to repeat daily should do the trick.
upvoted 0 times
Hildred
1 month ago
True, Option B could be a good choice if the SOC team is mainly concerned about high-risk policy violations.
upvoted 0 times
...
Jerry
1 month ago
I think Option B could also work since it allows you to select 'High Risk Severity Policies' specifically for the alerts.
upvoted 0 times
...
Laticia
2 months ago
I agree, Option D sounds like the best choice for receiving daily alerts about policy violations.
upvoted 0 times
...
Nikita
2 months ago
Option D seems straightforward and meets the requirement. Selecting 'All Policies' and setting the email notification to repeat daily should do the trick.
upvoted 0 times
...
...
Marge
3 months ago
I agree with Virgina, option B seems to meet the requirement effectively by sending daily alerts for specific policies.
upvoted 0 times
...
Virgina
3 months ago
I think option B is the best choice because it allows for daily email alerts for high risk severity policies.
upvoted 0 times
...
