Updated Prisma Certified Cloud Security Engineer PCCSE Exam Dumps V11.02

1. Which three steps are involved in onboarding an account for Data Security? (Choose three.)

2. An administrator wants to enforce a rate limit for users not being able to post five (5) .tar.gz files within five (5) seconds.

What does the administrator need to configure?

3. The security team wants to enable the “block” option under compliance checks on the host.

What effect will this option have if it violates the compliance check?

4. Which type of compliance check is available for rules under Defend > Compliance > Containers and Images > CI?

5. A security team has a requirement to ensure the environment is scanned for vulnerabilities.

What are three options for configuring vulnerability policies? (Choose three.)

6. The development team wants to fail CI jobs where a specific CVE is contained within the image.

How should the development team configure the pipeline or policy to produce this outcome?

7. A business unit has acquired a company that has a very large AWS account footprint. The plan is to immediately start onboarding the new company’s AWS accounts into Prisma Cloud Enterprise tenant immediately. The current company is currently not using AWS Organizations and will require each account to be onboarded individually.

The business unit has decided to cover the scope of this action and determined that a script should be written to onboard each of these accounts with general settings to gain immediate posture visibility across the accounts.

Which API endpoint will specifically add these accounts into the Prisma Cloud Enterprise tenant?

8. A security team is deploying Cloud Native Application Firewall (CNAF) on a containerized web application. The application is running an NGINX container. The container is listening on port 8080 and is mapped to host port 80.

Which port should the team specify in the CNAF rule to protect the application?

9. The compliance team needs to associate Prisma Cloud policies with compliance frameworks.

Which option should the team select to perform this task?

10. An administrator for Prisma Cloud needs to obtain a graphical view to monitor all connections, including connections across hosts and connections to any configured network objects.

Which setting does the administrator enable or configure to accomplish this task?

11. Which two integrations enable ingesting host findings to generate alerts? (Choose two.)

12. On which cloud service providers can you receive new API release information for Prisma Cloud?

13. Which alert deposition severity must be chosen to generate low and high severity alerts in the Anomaly settings when user wants to report on an unknown browser and OS, impossible time travel, or both due to account hijacking attempts?

14. You are tasked with configuring a Prisma Cloud build policy for Terraform.

What type of query is necessary to complete this policy?

15. An administrator wants to install the Defenders to a Kubernetes cluster. This cluster is running the console on the default service endpoint and will be exporting to YAML.

Console Address: $CONSOLE_ADDRESS Websocket Address:

$WEBSOCKET_ADDRESS User: $ADMIN_USER

Which command generates the YAML file for Defender install?

16. A customer has a requirement to restrict any container from resolving the name www.evil-url.com.

How should the administrator configure Prisma Cloud Compute to satisfy this requirement?

17. What is the default namespace created by Defender DaemonSet during deployment?

18. The security team wants to protect a web application container from an SQLi attack.

Which type of policy should the administrator create to protect the container?

19. Which of the following is displayed in the asset inventory?

20. Which RQL query type is invalid?

21. Create an Alert rule

22. Which policy type in Prisma Cloud can protect against malware?

23. What is the behavior of Defenders when the Console is unreachable during upgrades?

24. Given the following JSON query:

$.resource[*].aws_s3_bucket exists

Which tab is the correct place to add the JSON query when creating a Config policy?

25. An administrator has a requirement to ingest all Console and Defender logs to Splunk.

Which option will satisfy this requirement in Prisma Cloud Compute?

26. What is an example of an outbound notification within Prisma Cloud?

27. A customer wants to scan a serverless function as part of a build process.

Which twistcli command can be used to scan serverless functions?

28. DRAG DROP

Move the steps to the correct order to set up and execute a serverless scan using AWS DevOps.

29. A customer has Prisma Cloud Enterprise and host Defenders deployed.

What are two options that allow an administrator to upgrade Defenders? (Choose two.)

30. Anomaly policy uses which two logs to identify unusual network and user activity? (Choose two.)

31. What is the function of the external ID when onboarding a new Amazon Web Services (AWS) account in Prisma Cloud?

32. Which options show the steps required to upgrade Console when using projects?

33. DRAG DROP

Which order of steps map a policy to a custom compliance standard? (Drag the steps into the correct order of occurrence, from the first step to the last.)

34. An administrator has access to a Prisma Cloud Enterprise.

What are the steps to deploy a single container Defender on an ec2 node?

35. DRAG DROP

An administrator has been tasked with creating a custom service that will download any existing compliance report from a Prisma Cloud Enterprise tenant.

In which order will the APIs be executed for this service? (Drag the steps into the correct order of occurrence, from the first step to the last.)

36. When configuring SSO how many IdP providers can be enabled for all the cloud accounts monitored by Prisma Cloud?

37. Which two options may be used to upgrade the Defenders with a Console v20.04 and Kubernetes deployment? (Choose two.)

38. Which container image scan is constructed correctly?

39. The Unusual protocol activity (Internal) network anomaly is generating too many alerts. An administrator has been asked to tune it to the option that will generate the least number of events without disabling it entirely.

Which strategy should the administrator use to achieve this goal?

40. Which two required request headers interface with Prisma Cloud API? (Choose two.)

41. Which three OWASP protections are part of Prisma Cloud Web-Application and API Security (WAAS) rule? (Choose three.)

42. Web-Application and API Security (WAAS) provides protection for which two protocols? (Choose two.)

43. DRAG DROP

You wish to create a custom policy with build and run subtypes. Match the query types for each example.

(Select your answer from the pull-down list. Answers may be used more than once or not at all.)

44. The administrator wants to review the Console audit logs from within the Console.

Which page in the Console should the administrator use to review this data, if it can be reviewed at all?

45. Which categories does the Adoption Advisor use to measure adoption progress for Cloud Security Posture Management?

46. Given an existing ECS Cluster, which option shows the steps required to install the Console in Amazon ECS?

47. Which option shows the steps to install the Console in a Kubernetes Cluster?

48. Which two actions are required in order to use the automated method within Amazon Web Services (AWS) Cloud to streamline the process of using remediation in the identity and access management (IAM) module? (Choose two.)

49. Which two filters are available in the SecOps dashboard? (Choose two.)

50. A customer wants to be notified about port scanning network activities in their environment.

Which policy type detects this behavior?

51. An administrator has deployed Console into a Kubernetes cluster running in AWS. The administrator also has configured a load balancer in TCP passthrough mode to listen on the same ports as the default Prisma Compute Console configuration.

In the build pipeline, the administrator wants twistcli to talk to Console over HTTPS.

Which port will twistcli need to use to access the Prisma Compute APIs?

52. The exclamation mark on the resource explorer page would represent?

53. Which data storage type is supported by Prisma Cloud Data Security?

54. A customer has a requirement to terminate any Container from image topSecret:latest when a process named ransomWare is executed.

How should the administrator configure Prisma Cloud Compute to satisfy this requirement?

55. A customer has Defenders connected to Prisma Cloud Enterprise. The Defenders are deployed as a DaemonSet in OpenShift.

How should the administrator get a report of vulnerabilities on hosts?

56. What are the three states of the Container Runtime Model? (Choose three.)

57. What is the most reliable and extensive source for documentation on Prisma Cloud APIs?

58. The attempted bytes count displays?

59. How often do Defenders share logs with Console?

60. Which action would be applicable after enabling anomalous compute provisioning?

61. Which container scan is constructed correctly?

62. Where can Defender debug logs be viewed? (Choose two.)

63. A customer wants to monitor the company’s AWS accounts via Prisma Cloud, but only needs the resource configuration to be monitored for now.

Which two pieces of information do you need to onboard this account? (Choose two.)

64. While writing a custom RQL with array objects in the investigate page, which type of auto-suggestion a user can leverage?

65. DRAG DROP

What is the order of steps in a Jenkins pipeline scan? (Drag the steps into the correct order of occurrence, from the first step to the last.)

66. Which three incident types will be reflected in the Incident Explorer section of Runtime Defense? (Choose three.)

67. Which three types of buckets exposure are available in the Data Security module? (Choose three.)

68. The Prisma Cloud administrator has configured a new policy.

Which steps should be used to assign this policy to a compliance standard?

69. DRAG DROP

An administrator needs to write a script that automatically deactivates access keys that have not been used for 30 days.

In which order should the API calls be used to accomplish this task? (Drag the steps into the correct order from the first step to the last.) Select and Place:

70. What is the correct method for ensuring key-sensitive data related to SSNs and credit card numbers cannot be viewed in Dashboard > Data view during investigations?