PCCSE無料問題集「Palo Alto Networks Prisma Certified Cloud Security Engineer」

質問 1

The development team is building pods to host a web front end, and they want to protect these pods with an application firewall.
Which type of policy should be created to protect this pod from Layer7 attacks?

（A）The development team should create a runtime policy with networking protections.

（B）The development team should create a WAAS rule targeted at all resources on the host.

（C）The development team should create a WAAS rule targeted at the image name of the pods.

（D）The development team should create a WAAS rule for the host where these pods will be running.

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 2

In which Console menu would an administrator verify whether a custom compliance check is failing or passing?

（A）Defend > Compliance

（B）Monitor > Compliance

（C）Container Security > Compliance

（D）Custom > Compliance

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 3

Under which tactic is "Exploit Public-Facing Application" categorized in the ATT&CK framework?

（A）Initial Access

（B）Privilege Escalation

（C）Execution

（D）Defense Evasion

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 4

Which two attributes are required for a custom config RQL? (Choose two.)

（A）cloud.account

（B）json.rule

（C）tag

（D）api.name

正解：B、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 5

Which three elements are part of SSH Events in Host Observations? (Choose three.)

（A）Command

（B）Startup process

（C）User

（D）Process path

（E）System calls

正解：A、C、D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 6

Given the following audit event activity snippet:

Which RQL will be triggered by the audit event?
A)
B)
C)
D)

（A）Option D

（B）Option B

（C）Option C

（D）Option A

正解：A 解答を投票する

質問 7

Which Prisma Cloud policy type can protect against malware?

（A）Data

（B）Config

（C）Network

（D）Event

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 8

An administrator sees that a runtime audit has been generated for a container.
The audit message is:
"/bin/ls launched and is explicitly blocked in the runtime rule. Full command: ls -latr" Which protection in the runtime rule would cause this audit?

（A）Networking

（B）Processes

（C）File systems

（D）Container

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 9

Which statement is true about obtaining Console images for Prisma Cloud Compute Edition?

（A）To retrieve Prisma Cloud Console images using URL auth:
1.Access registry-auth.twistlock.com, and authenticate using the user certificate.
2.Retrieve the Prisma Cloud Console images using 'docker pull'.

（B）To retrieve Prisma Cloud Console images using URL auth:
1.Access registry-url-auth.twistlock.com, and authenticate using the user certificate.
2.Retrieve the Prisma Cloud Console images using 'docker pull'.

（C）To retrieve Prisma Cloud Console images using basic auth:
1.Access registry.paloaltonetworks.com, and authenticate using 'docker login'.
2.Retrieve the Prisma Cloud Console images using 'docker pull'.

（D）To retrieve Prisma Cloud Console images using basic auth:
1.Access registry.twistlock.com, and authenticate using 'docker login'.
2.Retrieve the Prisma Cloud Console images using 'docker pull'.

正解：D 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 10

Which two variables must be modified to achieve automatic remediation for identity and access management (IAM) alerts in Azure cloud? (Choose two.)

（A）SB_QUEUE_KEY

（B）API_ENDPOINT

（C）SQS_QUEUE_NAME

（D）YOUR_ACCOUNT_NUMBER

正解：A、B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 11

In Azure, what permissions need to be added to Management Groups to allow Prisma Cloud to calculate net effective permissions?

（A）Microsoft.Management/managementGroups/descendants/calculate

（B）PaloAltoNetworks.PrismaCloud/managementGroups/

（C）Microsoft.Management/managementGroups/descendants/read

（D）PaloAltoNetworks.PrismaCloud/managementGroups/descendants/read

正解：C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 12

Review this admission control policy:
match[{"msg": msg}] { input.request.operation == "CREATE" input.request.kind.kind == "Pod" input.request.resource.resource == "pods" input.request.object.spec.containers[_].securityContext.privileged msg := "Privileged"
}
Which response to this policy will be achieved when the effect is set to "block"?

（A）The policy will block the creation of a privileged pod.

（B）The policy will block all pods on a Privileged host.

（C）The policy will replace Defender with a privileged Defender.

（D）The policy will alert only the administrator when a privileged pod is created.

正解：A 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 13

Which two roles have access to view the Prisma Cloud policies? (Choose two.)

（A）Dev SecOps

（B）Defender Manager

（C）Auditor

（D）Build AND Deploy Security

正解：A、C 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

質問 14

How are the following categorized?
Backdoor account access Hijacked processes Lateral movement
Port scanning

（A）admission controllers

（B）incidents

（C）audits

（D）models

正解：B 解答を投票する

解説: (JPNTest メンバーにのみ表示されます)

PCCSE 無料問題集「Palo Alto Networks Prisma Certified Cloud Security Engineer」

弊社を連絡する

関連リンク

トップ試験