PCCSE Certification Overview - [Nov 14, 2021] Latest PCCSE PDF Dumps [Q21-Q37]

PCCSE Certification Overview - [Nov 14, 2021] Latest PCCSE PDF Dumps

The Best Palo Alto Networks PCCSE Study Guides and Dumps of 2021

NEW QUESTION 21
What is the order of steps to create a custom network policy?
(Drag the steps into the correct order of occurrence, from the first step to the last.)

Answer:

Explanation:

 

NEW QUESTION 22
A customer has a development environment with 50 connected Defenders. A maintenance window is set for Monday to upgrade 30 stand-alone Defenders in the development environment, but there is no maintenance window available until Sunday to upgrade the remaining 20 stand-alone Defenders.
Which recommended action manages this situation?

  • A. Open a support case with Palo Alto Networks to arrange an automatic upgrade
  • B. Find a maintenance window that is suitable to upgrade all stand-alone Defenders in the development environment
  • C. Upgrade a subset of the Defenders by clicking the individual Actions > Upgrade button in the row that corresponds to the Defender that should be upgraded during the maintenance window
  • D. Go to Manage > Defender > Manage, then click Defenders, and use the Scheduler to choose which Defenders will be automatically upgraded during the maintenance window

Answer: B

 

NEW QUESTION 23
A security team notices a number of anomalies under Monitor > Events. The incident response team works with the developers to determine that these anomalies are false positives.
What will be the effect if the security team chooses to Relearn on this image?

  • A. The model is deleted and returns to the initial learning state.
  • B. The model is retained, and any new behavior observed during the new learning period will be added to the existing model.
  • C. The anomalies detected will automatically be added to the model.
  • D. The model is deleted, and Defender will relearn for 24 hours.

Answer: C

 

NEW QUESTION 24
You are an existing customer of Prisma Cloud Enterprise. You want to onboard a public cloud account and immediately see all of the alerts associated with this account based off ALL of your tenant's existing enabled policies. There is no requirement to send alerts from this account to a downstream application at this time.
Which option shows the steps required during the alert rule creation process to achieve this objective?

  • A. Ensure the public cloud account is assigned to an account group
    Assign the confirmed account group to alert rule
    Select "select all policies" checkbox as part of the alert rule
    Confirm the alert rule
  • B. Ensure the public cloud account is assigned to an account group
    Assign the confirmed account group to alert rule
    Select one or more policies as part of the alert rule
    Add alert notifications
    Confirm the alert rule
  • C. Ensure the public cloud account is assigned to an account group
    Assign the confirmed account group to alert rule
    Select "select all policies" checkbox as part of the alert rule
    Add alert notifications
    Confirm the alert rule
  • D. Ensure the public cloud account is assigned to an account group
    Assign the confirmed account group to alert rule
    Select one or more policies checkbox as part of the alert rule
    Confirm the alert rule

Answer: B

 

NEW QUESTION 25
Given an existing ECS Cluster, which option shows the steps required to install the Console in Amazon ECS?

  • A. Download and extract release tarball
    Download task from AWS
    Create the Console task definition
    Deploy the task definition
  • B. Download and extract the release tarball
    Ensure that each node has its own storage for Console data
    Create the Console task definition
    Deploy the task definition
  • C. Download and extract the release tarball
    Create an EFS file system and mount to each node in the cluster
    Create the Console task definition
    Deploy the task definition
  • D. The console cannot natively run in an ECS cluster.
    A onebox deployment should be used.

Answer: A

 

NEW QUESTION 26
How are the following categorized?
* Backdoor account access
* Hijacked processes
* Lateral movement
* Port scanning

  • A. incidents
  • B. audits
  • C. models
  • D. admission controllers

Answer: B

 

NEW QUESTION 27
An S3 bucket within AWS has generated an alert by violating the Prisma Cloud Default policy "AWS S3 buckets are accessible to public". The policy definition follows:

config where cloud.type = 'aws' AND api.name = 'aws-s3api-get-bucket-acl' AND json.rule = "((((acl.grants[?(@.grantee=='AllUsers')] size > 0) or policyStatus.isPublic is true) and publicAccessBlockConfiguration does not exist) or ((acl.grants[?(@.grantee=='AllUsers')] size > 0) and publicAccessBlockConfiguration.ignorePublicAcls is false) or (policyStatus.isPublic is true and publicAccessBlockConfiguration.restrictPublicBuckets is false)) and websiteConfiguration does not exist"

Why did this alert get generated?

  • A. an event within the cloud account
  • B. anomalous behaviors
  • C. network traffic to the S3 bucket
  • D. configuration of the S3 bucket

Answer: B

 

NEW QUESTION 28
Match the service on the right that evaluates each exposure type on the left.
(Select your answer from the pull-down list. Answers may be used more than once or not at all.)

Answer:

Explanation:

Reference:
https://www.paloaltonetworks.com/prisma/cloud/cloud-data-security

 

NEW QUESTION 29
The Unusual protocol activity (Internal) network anomaly is generating too many alerts. An administrator has been asked to tune it to the option that will generate the least number of events without disabling it entirely.
Which strategy should the administrator use to achieve this goal?

  • A. Change the Training Threshold to Low
  • B. Disable the policy
  • C. Set the Alert Disposition to Conservative
  • D. Set Alert Disposition to Aggressive

Answer: A

 

NEW QUESTION 30
Which two statements are true about the differences between build and run config policies? (Choose two.)

  • A. Build and Audit Events policies belong to the configuration policy set.
  • B. Build policies enable you to check for security misconfigurations in the IaC templates and ensure that these issues do not get into production.
  • C. Run policies monitor resources, and check for potential issues after these cloud resources are deployed.
  • D. Run policies monitor network activities in your environment, and check for potential issues during runtime.
  • E. Run and Network policies belong to the configuration policy set.

Answer: A,D

 

NEW QUESTION 31
Which intensity setting for anomaly alerts is used for the measurement of 100 events over 30 days?

  • A. Very High
  • B. High
  • C. Low
  • D. Medium

Answer: B

 

NEW QUESTION 32
A customer has a requirement to scan serverless functions for vulnerabilities.
Which three settings are required to configure serverless scanning? (Choose three.)

  • A. Region
  • B. Credential
  • C. Defender Name
  • D. Provider
  • E. Console Address

Answer: A,B,D

 

NEW QUESTION 33
Which type of compliance check is available for rules under Defend > Compliance > Containers and Images > CI?

  • A. Functions
  • B. Container
  • C. Image
  • D. Host

Answer: B

 

NEW QUESTION 34
Which statement is true about obtaining Console images for Prisma Cloud Compute Edition?
To retrieve Prisma Cloud Console images using URL auth:

  • A. 1. Access registry.twistlock.com, and authenticate using 'docker login'.
    2. Retrieve the Prisma Cloud Console images using 'docker pull'.
    To retrieve Prisma Cloud Console images using URL auth:
  • B. 1. Access registry-url-auth.twistlock.com, and authenticate using the user certificate.
    2. Retrieve the Prisma Cloud Console images using 'docker pull'.
    To retrieve Prisma Cloud Console images using basic auth:
  • C. 1. Access registry.paloaltonetworks.com, and authenticate using 'docker login'.
    2. Retrieve the Prisma Cloud Console images using 'docker pull'.
  • D. 1. Access registry-auth.twistlock.com, and authenticate using the user certificate.
    2. Retrieve the Prisma Cloud Console images using 'docker pull'.
    To retrieve Prisma Cloud Console images using basic auth:

Answer: D

 

NEW QUESTION 35
A customer wants to scan a serverless function as part of a build process.
Which twistcli command can be used to scan serverless functions?

  • A. twistcli serverless scan <SERVERLESS_FUNCTION.ZIP>
  • B. twistcli function scan <SERVERLESS_FUNCTION.ZIP>
  • C. twistcli serverless AWS <SERVERLESS_FUNCTION.ZIP>
  • D. twistcli scan serverless <SERVERLESS_FUNCTION.ZIP>

Answer: A

 

NEW QUESTION 36
A Prisma Cloud administrator is tasked with pulling a report via API. The Prisma Cloud tenant is located on app2.prismacloud.io. What is the correct API endpoint?

  • A. https://api2.eu.prismacloud.io
  • B. https://api.prismacloud.cn
  • C. https://api.prismacloud.io
  • D. https://api2.prismacloud.io

Answer: A

 

NEW QUESTION 37
......


Palo Alto PCCSE Exam Topics:

Section | Weight | Objectives

Dev SecOps Security (Shift-Left) | 11%
- Implement scanning for IAC templates
  • Differentiate between Terraform and Cloudformation scanning configurations.
  • List OOTB IAC scanning integrations.
  • Configure API scanning for IAC templates.

- Configure policies in Console for IAC scanning

  • Review OOTB policies for IAC scanning.
  • Configure custom build policies for IAC scanning.

- Integrate Compute scans into CI/CD pipeline

  • Integrate container scans into CI/CD pipeline.
  • Integrate serverless scans into CI/CD pipeline.
  • Identify different options for scanning: twistcli and plugins.

- Configure CI policies for Compute scanning

  • Review default CI policies for Compute scanning.
  • Configure custom CI policies for Compute scanning.

Cloud Workload Protection Platform | 22%
- Monitor and Protect Against Image Vulnerabilities
  • Understand how to Investigate Image Vulnerabilities.
  • Configure Image Vulnerability Policy.

- Monitor and Protect Host Vulnerabilities

  • Understand how to Investigate Host Vulnerabilities.
  • Configure Host Vulnerability Policy.

- Monitor and Enforce Image/Container Compliance

  • Understand how to Investigate Image and Container Compliance.
  • Configure Image and Container Compliance Policy.

- Monitor and Enforce Host Compliance

  • Understand how to Investigate Host Compliance.
  • Configure Host Compliance Policy.

- Monitor and Enforce Container Runtime

  • Understand container models.
  • Configure container runtime policies.
  • Understand container runtime audits.
  • Investigate incidents using Incident Explorer.
- Configure cloud native application firewalls
  • Configure cloud native application firewall policies.
- Monitor and Protect Against Serverless Vulnerabilities
  • Understand how to Investigate Serverless Vulnerabilities.
  • Configure Serverless Vulnerability Policy.
  • Configure Serverless Auto-Protect functionality.

Web Application and API Security | 5%
- Configure CNAF policies

Visibility, Security and Compliance | 20%
- Configure policies
  • Understand policies related to compliance standards.
  • Build custom policies.
  • Identify policy types.

- Configure alerting and notifications

  • Understand alert states.
  • Build alert rules.
  • Create alert notifications.
  • Investigate alerts.

- Understand third-party integrations

  • Understand inbound and outbound notifications.

- Perform ad hoc investigations

  • Investigate resource configuration with RQL.
  • Investigate user activity using RQL.
  • Investigate network activity using RQL.
  • Investigate anomalous user event(s).

- Identify assets in a Cloud account

  • Identify inventory of resources in a cloud account.
  • Identify how to check resource configuration history.

- Use Prisma Cloud APIs

  • Use APIs for automation of tasks.
  • Use APIs for custom queries.

Install and Upgrade | 18%
- Deploy and manage Console for the Compute Edition
  • Locate and download Prisma Cloud release software.
  • Install Console in onebox configuration.
  • Install Console in Kubernetes.
  • Perform upgrade on Console.

- Deploy and manage Defenders

  • Deploy Container Defenders.
  • Deploy Host Defenders.
  • Deploy Serverless Defenders.
  • Deploy App-embedded Defenders.
  • Configure networking for Defender to Console connectivity.
  • Perform upgrade on Defenders.

Prisma Cloud Administration -include Compute | 15%
- Onboard accounts
  • Onboarding cloud accounts.
  • Configure account groups.

- Configure RBAC

  • Differentiate between Prisma Cloud and Compute roles.
  • Configure Prisma Cloud and Compute roles.

- Configure admission controller

  • Configure defender as an admission controller.
  • Create OPA policies

- Configure logging

  • Familiarize with audit logging.
  • Enable defender logging.

- Manage enterprise settings

  • Differentiate UEBA settings.
  • Configure idle timeout.
  • Set autoenable policies.
  • Set mandatory dismissal reason(s).
  • Enable user attribution.

- Understand third-party integrations

  • Understand inbound and outbound notifications.
  • Configure third-party integration for alerts.

- Leverage Compute APIs

  • Authenticate with APIs.
  • Locate API documentation.
  • List policies by API.
  • Manage alerts using APIs.
  • Create reports using APIs.
  • Download vulnerability results via API.

Data Loss Prevention | 9%
- Onboarding
  • Configure CloudTrail and SNS.
  • Configure Scan options.

- Use Data Dashboard features

  • Classify objects.
  • List object permissions for visibility.
  • Viewing Data inventory.
  • Viewing Resource Explorer.
  • List Object Identifiers.
  • Knowing Object exposure states.

- Assess Data Policies and Alerts

  • Differentiate between malware and regular policies.
  • Understand the scope of alert notifications.

 
