Free Palo Alto Networks PCCSE Exam Dumps and PCCSE Exam Questions

Question No: 1

MultipleChoice

Which statement is true about obtaining Console images for Prisma Cloud Compute Edition'?

To retrieve Prisma Cloud Console images using URL auth;

Options

A1 Access registry-urt-auth twistlock com, and authenticate using the user certificate
2. Retrieve the Prisma Cloud Console images using 'docker pull'
To retrieve Prisma Cloud Console images using basic auth:

B1. Access registry twistlock com. and authenticate using 'docker login'
2 Retrieve the Prisma Cloud Console images using 'docker pull'
To retrieve Prisma Cloud Console images using URL auth

C1 Access registry-auth.twistlock com and authenticate using the user certificate
2. Retrieve the Prisma Cloud Console images using 'docker pull'
To retrieve Prisma Cloud Console images using basic auth

D1 Access registry paloaltonetworks com. and authenticate using 'docker login'
2 Retrieve the Prisma Cloud Console images using 'docker pull'

Question No: 2

MultipleChoice

How are the following categorized?

* Backdoor account access

* Hijacked processes

* Lateral movement

* Port scanning

Options

Aaudits

Bmodels

Cadmission controllers

Dincidents

Question No: 3

MultipleChoice

A customer has Defenders connected to Prisma Cloud Enterprise The Defenders are deployed as a DaemonSet in OpenShift. How should the administrator get a report of vulnerabilities on hosts'?

Options

ANavigate to Defend > Vulnerabilities > VM Images

BNavigate to Monitor > Vulnerabilities > Hosts

CNavigate to Defend > Vulnerabilities > Hosts

DNavigate to Monitor > Vulnerabilities > CVE Viewer

Question No: 4

MultipleChoice

Which RQL query will help create a custom identity and access management (1AM) policy to alert on Lambda functions that have permission to terminate FP9 instances?

Options

Aconfig from iam where dest.cloud.type = 'AWS' AND source.cloud.service.name = 'lambda1 AND source.cloud.resource.type = 'function1 AND dest.cloud.service.name = 'ec2' AND action.name = 'ec2:TerminateInstances'

Bconfig from iam where dest.cloud.type = 'AWS' AND source.cloud.service.name = 'ec2' AND source.cloud.resource.type = 'instance' AND dest.cloud.service.name = 'lamda' AND action.name = 'ec2:TerminateInstances'

Ciam from cloud.resource where dest.cloud.type = 'AWS' AND source.cloud.service.name = 'lambda' AND source.cloud.resource.type = 'function' AND dest.cloud.service.name = 'ec2' AND action.name = 'ec2:TerminateInstances'

Diam from cloud.resource where cloud.type equals 'AWS' AND cloud.resource.type equals 'lambda function' AND cloud.service.name = 'ec2' AND action.name equals 'ec2:TerminateInstances'

Question No: 5

MultipleChoice

Which command correctly outputs scan results to stdout in tabular format and writes scan results to a JSON file while still sending the results to Console?

A)

B)

C)

D)

Options

AOption A

BOption B

COption C

DOption D

Question No: 6

MultipleChoice

A customer wants to be notified about port scanning network activities in their environment Which policy type detects this behavior?

Options

ANetwork

BAnomaly

CConfig

DPort Scan

Question No: 7

MultipleChoice

You have onboarded a public cloud account into Prisma Cloud Enterprise Configuration Resource ingestion is visible in the Asset Inventory for the onboarded account, but no alerts are being generated for the configuration assets in the account

Config policies are enabled in the Prisma Cloud Enterprise tenant, with those policies associated to existing alert rules RQL statements on the Investigate matching those policies return config resource results successfully

Why are no alerts being generated''

Options

AThe public cloud account does not have audit trail ingestion enabled.

BThe public cloud account is not associated with an alert notification.

CThe public cloud account does not have access to configuration resources.

DThe public cloud account is not associated with an alert rule

Question No: 8

MultipleChoice

You are an existing customer of Prisma Cloud Enterprise. You want to onboard a public cloud account and immediately see all of the alerts associated with this account based off ALL of your tenant's existing enabled policies. There is no requirement to send alerts from this account to a downstream application at this time.

Which options shows the steps required during the alert rule creation process to achieve this objective?

Options

AEnsure the public cloud account is assigned to an account group
Assign the confirmed account group to alert rule
Select one or more policies as part of the alert rule
Add alert notifications
Confirm the alert rule

BEnsure the public cloud account is assigned to an account group
Assign the confirmed account group to alert rule
Select one or more policies checkbox as part of the alert rule
Confirm the alert rule

CEnsure the public cloud account is assigned to an account group
Assign the confirmed account group to alert rule
Select 'select all policies' checkbox as part of the alert rule
Confirm the alert rule

DEnsure the public cloud account is assigned to an account group
Assign the confirmed account group to alert rule
Select 'select all policies' checkbox as part of the alert rule
Add alert notifications
Confirm the alert rule

Question No: 9

MultipleChoice

Given this information:

* The Console is located at https//prisma-console mydomain local

* The username is ciuser

* The password is password123

* The Image to scan is myimage latest

Which twistcli command should be used to scan a Container for vulnerabilities and display the details about each vulnerability?

Options

Atwistcli images scan ---console-address https //prisma-console mydomain local -u ciuser -p password123 -details myimage latest

Btwistcli images scan ---address prisma-console mydomain local -u ciuser -p password123 -vulnerability-details myimage latest

Ctwistcli images scan -address https //prisma-console mydomain local -u ciuser -p password123 -details myimage latest

Dtwistcli images scan ---console-address prisma-console mydomain local -u ciuser -p password!23 -vulnerability-details myimage.latest

Question No: 10

MultipleChoice

Per security requirements, an administrator needs to provide a list of people who are receiving e-mails for Prisma Cloud alerts Where can the administrator locate this list of e-mail recipients'?

Options

AUsers section within Settings.

BSet Alert Notification section within an Alert Rule.

CNotification Template section within Alerts.

DTarget section within an Alert Rule