Palo Alto Networks Prisma Certified Cloud Security Engineer Exam Practice Test

Page: 1 / 14
Total 126 questions

Question 1

Which component(s), if any, will Palo Alto Networks host and run when a customer purchases Prisma Cloud Enterprise Edition?



Answer : B

Question 2

Which ''kind'' of Kubernetes object is configured to ensure that Defender is acting as the admission controller?



Answer : C

Question 3

An administrator sees that a runtime audit has been generated for a Container. The audit message is ''DNS resolution of suspicious name wikipedia.com. type A''.

Why would this message appear as an audit?



Answer : A

Question 4

Which statement is true regarding CloudFormation templates?



Answer : A

Question 5

Review this admission control policy:

match[{"msg": msg}] { input.request.operation == "CREATE" input.request.kind.kind == "Pod" input.request.resource.resource == "pods"

input.request.object.spec.containers[_].securityContext.privileged msg := "Privileged"

}

Which response to this policy will be achieved when the effect is set to ''block''?



Answer : C

Question 6

The InfoSec team wants to be notified via email each time a Security Group is misconfigured. Which Prisma Cloud tab should you choose to complete this request?



Answer : B

Question 7

The security team wants to target a CNAF policy for specific running Containers. How should the administrator scope the policy to target the Containers?



Answer : B

Page:    1 / 14   
Total 126 questions