PCCSEのPDF問題集で2024年01月01日最近更新された問題 [Q65-Q88]

PCCSEのPDF問題集で2024年01月01日最近更新された問題

PCCSE試験問題有効なPCCSE問題集PDF

PCCSE認定を取得することは、クラウドセキュリティの深い理解を持ち、効果的なクラウドセキュリティソリューションを実装できる能力を持った候補者であることを雇用主や同僚に示すことができます。また、最新のクラウドセキュリティのトレンドやベストプラクティスに常にアップデートすることにコミットしているクラウドセキュリティ専門家のコミュニティに参加する機会も提供されます。全体的に、PCCSE認定はクラウドセキュリティにおけるキャリアアップを目指すすべての人にとって、有益な資格です。

 

質問 # 65
A security team is deploying Cloud Native Application Firewall (CNAF) on a containerized web application. The application is running an NGINX container. The container is listening on port 8080 and is mapped to host port 80.
Which port should the team specify in the CNAF rule to protect the application?

• A. 0
• B. 1
• C. 2
• D. 3

正解：B

質問 # 66
Which three elements are part of SSH Events in Host Observations? (Choose three.)

• A. Command
• B. Startup process
• C. User
• D. System calls
• E. Process path

正解：A、B、C

質問 # 67
Which order of steps map a policy to a custom compliance standard?
(Drag the steps into the correct order of occurrence, from the first step to the last.)

正解：

解説：

質問 # 68
The compliance team needs to associate Prisma Cloud policies with compliance frameworks. Which option should the team select to perform this task?

• A. Policies
• B. Custom Compliance
• C. Alert Rules
• D. Compliance

正解：A

質問 # 69
A customer wants to scan a serverless function as part of a build process. Which twistcli command can be used to scan serverless functions?

• A. twistcli serverless AWS <SERVERLESS_FUNCTION.ZIP>
• B. twiscli serverless scan <SERVERLESS_FUNCTION.ZIP>
• C. twistcli scan serverless <SERVERLESS_FUNCTION.ZIP>
• D. twistcli function scan <SERVERLESS_FUNCTION.ZIP>

正解：D

解説：
The twistcli command is a CLI tool used to scan serverless functions as part of a build process. The command takes a serverless function as an argument, which should be provided in the form of a ZIP archive. By running the command, the serverless function will be scanned for any potential vulnerabilities.

質問 # 70
Given a default deployment of Console, a customer needs to identify the alerted compliance checks that are set by default Where should the customer navigate in Console?

• A. Defend > Compliance
• B. Monitor > Compliance
• C. Manage > Compliance
• D. Custom > Compliance

正解：B

質問 # 71
Which policy type in Prisma Cloud can protect against malware?

• A. Event
• B. Network
• C. Config
• D. Data

正解：D

質問 # 72
A user from an organization is unable to log in to Prisma Cloud Console after having logged in the previous day.
Which area on the Console will provide input on this issue?

• A. Access Control
• B. SSO
• C. Users & Groups
• D. Audit Logs

正解：D

質問 # 73
A customer has multiple violations in the environment including:
User namespace is enabled
An LDAP server is enabled
SSH root is enabled
Which section of Console should the administrator use to review these findings?

• A. Manage
• B. Vulnerabilities
• C. Radar
• D. Compliance

正解：A

質問 # 74
Which statement is true regarding CloudFormation templates?

• A. Scan support is provided for JSON. HTML and YAML formats.
• B. Scan support does not currently exist tor nested references, macros, or intrinsic functions.
• C. A single template or a zip archive of template files cannot be scanned with a single API request.
• D. Request-Header-Field 'cloudformation-version' is required to request a scan.

正解：B

質問 # 75
When an alert notification from the alarm center is deleted, how many hours will a similar alarm be suppressed by default?

• A. 0
• B. 1
• C. 2
• D. 3

正解：D

質問 # 76
A customer has a requirement to scan serverless functions for vulnerabilities.
What is the correct option to configure scanning?

• A. Use Lambda layers to deploy a Defender into the function.
• B. Configure serverless radar from the Defend > Compliance > Cloud Platforms page.
• C. Configure a function scan policy from the Defend > Vulnerabilities > Functions page.
• D. Embed serverless Defender into the function.

正解：D

質問 # 77
Which three types of buckets exposure are available in the Data Security module? (Choose three.)

• A. Conditional
• B. International
• C. Differential
• D. Public
• E. Private

正解：A、B、C

質問 # 78
A customer finds that an open alert from the previous day has been resolved. No auto-remediation was configured.
Which two reasons explain this change in alert status? (Choose two.)

• A. user manually changed the alert status.
• B. resource was deleted.
• C. policy was changed.
• D. alert was sent to an external integration.

正解：A、B

質問 # 79
Console is running in a Kubernetes cluster, and you need to deploy Defenders on nodes within this cluster.
Which option shows the steps to deploy the Defenders in Kubernetes using the default Console service name?

• A. From the deployment page in Console, choose twistlock-console for Console identifier, and run the curl | bash script on the master Kubernetes node.
• B. From the deployment page in Console, choose twistlock-console for Console identifier, generate DaemonSet file, and apply DaemonSet to the twistlock namespace.
• C. From the deployment page in Console, choose pod name for Console identifier, generate DaemonSet file, and apply the DaemonSet to twistlock namespace.
• D. From the deployment page configure the cloud credential in Console and allow cloud discovery to auto-protect the Kubernetes nodes.

正解：B

質問 # 80
Which resource and policy type are used to calculate AWS Net Effective Permissions? (Choose two.)

• A. AWS Service Control Policies (SCPs)
• B. Amazon Resource Names (ARNs) using Wild Cards
• C. Lambda Function
• D. Service Linked Roles

正解：A、B

質問 # 81
Which two statements apply to the Defender type Container Defender - Linux?

• A. It is implemented as runtime protection in the userspace.
• B. It is deployed as a container.
• C. It is incapable of filesystem runtime defense.
• D. It is deployed as a service.

正解：A、D

質問 # 82
A customer finds that an open alert from the previous day has been resolved No auto-remediation was configured Which two reasons explain this change in alert status? (Choose two )

• A. user manually changed the alert status
• B. policy was changed.
• C. resource was deleted.
• D. alert was sent to an external integration

正解：B、C

質問 # 83
In WAAS Access control file upload controls, which three file types are supported out of the box? (Choose three.)

• A. Images
• B. Journal
• C. Text
• D. Audio
• E. Documents

正解：A、C、E

質問 # 84
Which three fields are mandatory when authenticating the Prisma Cloud plugin in the IntelliJ application? (Choose three.)

• A. Asset Name
• B. Prisma Cloud API URL
• C. Tags
• D. Secret Key
• E. Access Key

正解：B、D、E

質問 # 85
A customer is interested in PCI requirements and needs to ensure that no privilege containers can start in the environment. Which action needs to be set for "do not use privileged containers?

• A. Fail
• B. Prevent
• C. Alert
• D. Block

正解：C

質問 # 86
Which options show the steps are required to upgrade Console when using projects?

• A. Upgrade Central Console
  Upgrade all Supervisor Consoles
• B. Upgrade Central Console
  Upgrade Central Console Defenders
• C. Upgrade Defender
  Upgrade Central Console
  Upgrade Supervisor Consoles
• D. Upgrade all Supervisors Consoles
  Upgrade Central Console

正解：A

質問 # 87
An administrator for Prisma Cloud needs to obtain a graphical view to monitor all connections, including connections across hosts and connections to any configured network objects.
Which setting does the administrator enable or configure to accomplish this task?

• A. Telemetry
• B. WAAS Analytics
• C. Host Insight
• D. Cloud Native Network Firewall
• E. ADEM

正解：D

質問 # 88
......

Palo Alto NetworksのPCCSE試験は、クラウドセキュリティ専門家にとって貴重な認定試験です。この試験は、クラウドセキュリティに関連する幅広いトピックをカバーし、経験豊富な専門家のスキルと知識をテストするよう設計されています。この認定は、組織がクラウドセキュリティポストアを改善するために、Prisma Cloud認定プログラムの一部として提供されています。

 

PCCSE問題集合格確定させる練習には200問があります：https://www.jpntest.com/shiken/PCCSE-mondaishu