PCCSE Online Practice Questions and Answers

A customer does not want alerts to be generated from network traffic that originates from trusted internal networks. Which setting should you use to meet this customer's request?

A. Trusted Login IP Addresses

B. Anomaly Trusted List

C. Trusted Alert IP Addresses

D. Enterprise Alert Disposition

Which statement accurately characterizes SSO Integration on Prisma Cloud?

A. Prisma Cloud supports IdP initiated SSO, and its SAML endpoint supports the POST and GET methods.

B. Okta, Azure Active Directory, PingID, and others are supported via SAML.

C. An administrator can Configure different Identity Providers (IdP) for all the cloud accounts that Prisma Cloud monitors.

D. An administrator who needs to access the Prisma Cloud API can use SSO after configuration.

The compliance team needs to associate Prisma Cloud policies with compliance frameworks. Which option should the team select to perform this task?

A. Custom Compliance

B. Policies

C. Compliance

D. Alert Rules

The security team wants to enable the "block" option under compliance checks on the host. What effect will this option have if it violates the compliance check?

A. The host will be taken o ine.

B. Additional hosts will be prevented form starting.

C. Containers on a host will be stopped.

D. No containers will be allowed to start on that host.

Console is running in a Kubernetes cluster, and you need to deploy Defenders on nodes within this cluster. Which option shows the steps to deploy the Defenders in Kubernetes using the default Console service name?

A. From the deployment page in Console, choose pod name for Console identifier, generate DaemonSet file, and apply the DaemonSet to twistlock namespace.

B. From the deployment page Configure the cloud credential in Console and allow cloud discovery to auto-protect the Kubernetes nodes.

C. From the deployment page in Console, choose twistlock-console for Console identifier, generate DaemonSet file, and apply DaemonSet to the twistlock namespace.

D. From the deployment page in Console, choose twistlock-console for Console identifier, and run the curl | bash script on the master Kubernetes node.

Which IAM RQL query would correctly generate an output to view users who enabled console access with both access keys and passwords?

A. config from network where api.name = `aws-iam-get-credential-report' AND json.rule = cert_1_active is true or cert_2_active is true and password_enabled equals "true"

B. config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is true or access_key_2_active is true and password_enabled equals "true"

C. config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is false or access_key_2_active is true and password_enabled equals "*"

D. config where api.name = `aws-iam-get-credential-report' AND json.rule= access_key_1_active is true or access_key_2_active is true and password_enabled equals "true"

Which three serverless runtimes are supported by Prisma Cloud for vulnerability and compliance scans? (Choose three.)

A. Swift

B. Python

C. Dart

D. Java

E. Node.js

Which of the following is a reason for alert dismissal?

A. SNOOZED_AUTO_CLOSE

B. ALERT_RULE_ADDED

C. POLICY_UPDATED

D. USER_DELETED

Which two information types cannot be seen in the data security dashboard? (Choose two.)

A. Top Publicly Exposed Objects By Data Profile

B. Bucket owner

C. Object content

D. Total objects

E. Object Data Profile by Region

DRAG DROP

Put the steps involved to configure and scan using the IntelliJ plugin in the correct order.

Select and Place: