Which report includes an executive summary and a list of policy violations, including a page with details for each policy?
Answer : C
The report that includes an executive summary along with a list of policy violations and detailed pages for each policy is the 'Cloud Security Assessment' report. This type of report is designed to provide organizations with a comprehensive overview of their cloud security posture, highlighting both compliance with security policies and areas needing attention.
A customer wants to monitor its Amazon Web Services (AWS) accounts via Prisma Cloud, but only needs the resource configuration to be monitored at present.
Which two pieces of information are needed to onboard this account? (Choose two.)
Answer : A, D
To onboard an AWS account for monitoring by Prisma Cloud, specifically for resource configuration monitoring, the required pieces of information include:
A. External ID: The External ID is a unique identifier used in the trust relationship between Prisma Cloud and the AWS account, ensuring secure access, making it a correct choice.
D. RoleARN: The Role Amazon Resource Name (RoleARN) is necessary to grant Prisma Cloud the required permissions to access and monitor the AWS account resources, making it a correct choice.
Option B (CloudTrail) is related to AWS logging but is not required solely for onboarding. Option C (Active Directory ID) is not relevant to AWS account onboarding for Prisma Cloud.
Which policy type provides information about connections from suspicious IPs in a customer database?
Answer : A
An Anomaly policy in Prisma Cloud is designed to provide information about connections from suspicious IPs in a customer database. Anomaly policies are used to detect and alert on unusual activities that deviate from the norm, which can include traffic from known malicious or suspicious IP addresses. These policies help in identifying potential security threats by monitoring for activities that are out of the ordinary, such as unexpected access to a database from an IP address that has not been seen before or is known to be associated with malicious activities.
The documentation link you provided offers detailed guidance on how to configure and manage anomaly policies in Prisma Cloud, ensuring that users can effectively monitor their environments for potential security incidents.
Which three platforms support the twistcli tool? (Choose three.)
Answer : A, B, D
The twistcli tool, part of Prisma Cloud's suite of security tools, supports various platforms for security scanning and configuration. The correct platforms supported by twistcli include:
A. Linux: twistcli is widely used on Linux platforms for scanning container images, host vulnerabilities, and more, making it a correct choice.
B. Windows: twistcli supports Windows, allowing users to perform security scans and checks on Windows-based systems, making it a correct choice.
D. MacOS: twistcli is also compatible with MacOS, enabling security operations on Apple's operating system, making it a correct choice.
Option C (Android) and E (Solaris) are not supported platforms for the twistcli tool, according to the available documentation on Prisma Cloud.
Which three AWS policy types and identities are used to calculate the net effective permissions? (Choose three.)
Answer : A, B, C
In AWS, the net effective permissions are calculated based on various policy types and identities. The correct choices are:
A. AWS service control policies (SCPs): SCPs are used in AWS Organizations to manage permissions for all accounts within the organization, affecting the net effective permissions.
B. AWS IAM group: IAM groups define a set of permissions for a collection of users, influencing their effective permissions.
C. AWS IAM role: IAM roles provide temporary security credentials to assume a set of permissions, impacting the net effective permissions.
Option D (AWS IAM User) and E (AWS IAM tag policy) also play roles in defining permissions, but A, B, and C are the primary types used in calculating net effective permissions, making them the correct choices.
Which policy type should be used to detect and alert on cryptominer network activity?
Answer : B
To detect and alert on cryptominer network activity, the policy type that should be used is an Anomaly policy. Anomaly policies in Prisma Cloud are designed to identify unusual and potentially malicious activities, including the network patterns typical of cryptomining operations. These policies leverage behavioral analytics to spot deviations from normal operations, making Option B the correct answer.
Prisma Cloud supports which three external systems that allow the import of vulnerabilities and provide additional context on risks in the cloud? (Choose three.)