BlackFriday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Palo Alto Networks Exam PCCSE Topic 7 Question 86 Discussion

Actual exam question for Palo Alto Networks's PCCSE exam
Question #: 86
Topic #: 7
[All PCCSE Questions]

Which two statements explain differences between build and run config policies? (Choose two.)

Show Suggested Answer Hide Answer
Suggested Answer: B, D

The Run policies monitor resources and check for potential issues once these cloud resources are deployed Build policies enable you to check for security misconfigurations in the IaC templates and ensure that these issues do not make their way into production. https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-policies/create-a-policy

B . Build policies: These are designed to identify insecure configurations in your Infrastructure as Code (IaC) templates, such as AWS CloudFormation, HashiCorp Terraform, and Kubernetes App manifests. The goal of build policies is to detect security issues early in the development process, before the actual resources are deployed in runtime environments.This helps ensure that security issues are identified and remediated before they can affect production1.

D . Run policies: These policies are focused on monitoring the deployed cloud resources and checking for potential issues during their operation.Run policies are essential for ongoing security and compliance in the production environment, as they provide visibility into the actual state of resources and their activities1.

Run and Network policies (A) are indeed part of the configuration policy set, but they do not highlight the difference between build and run policies. Similarly, while Run policies do monitor network activities , this statement does not contrast them with Build policies.


by Josefa at Sep 13, 2024, 10:21 AM

Limited Time Offer

25%

Off

Get Premium PCCSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Johanna
13 days ago
I've been studying for this exam like a mad person, and I think B and D are the way to go. Though I have to say, the number of policies and configs is enough to make my head spin. Somebody get me a coffee, stat!
upvoted 0 times
Remedios
1 days ago
I agree, B and D are the correct statements. The number of policies can be overwhelming.
upvoted 0 times
...
...
Alaine
15 days ago
Ah, the joys of infrastructure as code. It's like a never-ending game of Tetris, but with more AWS services and less falling blocks. I'll go with B and D, they sound the most logical.
upvoted 0 times
...
Eun
16 days ago
I'm a bit confused, to be honest. All these policies and configs, it's like a whole new language! But I'll give it a shot - B and D, maybe?
upvoted 0 times
Anika
1 days ago
C) Run policies monitor network activities in the environment and check for potential issues during runtime.
upvoted 0 times
...
Eveline
3 days ago
B) Build policies allow checking for security misconfigurations in the IaC templates and ensure these issues do not get into production.
upvoted 0 times
...
Alona
9 days ago
A) Run and Network policies belong to the configuration policy set.
upvoted 0 times
...
...
Ronny
22 days ago
I'm going with B and C. Gotta keep an eye on those network activities, am I right? Can't be too careful these days.
upvoted 0 times
Yoko
5 days ago
I agree, monitoring network activities is crucial.
upvoted 0 times
...
...
Sharan
1 months ago
B and D seem like the correct answers here. Build policies are for checking security issues in the IaC templates, and run policies monitor resources after deployment. Easy peasy!
upvoted 0 times
Olene
10 days ago
Yes, build policies check for security misconfigurations and run policies monitor resources after deployment.
upvoted 0 times
...
Chery
23 days ago
I think B and D are the correct answers.
upvoted 0 times
...
...
Bettina
2 months ago
So, build policies are more proactive in preventing issues, while run policies are reactive in monitoring deployed resources.
upvoted 0 times
...
Roosevelt
2 months ago
Yes, that's correct. Build policies help prevent issues before deployment, while run policies monitor resources after deployment.
upvoted 0 times
...
Malcom
2 months ago
I think the difference is that build policies focus on security misconfigurations in IaC templates.
upvoted 0 times
...

Save Cancel