Palo Alto Networks PCCSE Exam Practice Test Instant Access

Question 1

Creation of a new custom compliance standard that is based on other individual custom compliance standards needs to be automated.

Assuming the necessary data from other standards has been collected, which API order should be used for this new compliance standard?

A1) https://api.prismacloud.io/compliance/add
2) https://api.prismacloud.io/compliance/requirementld/section
3) https://api.prismacloud.io/compliance/complianceld/requirement

B1) https://api.prismacloud.io/compliance
2) https://api.prismacloud.io/compliance/complianceld/requirement
3) https://api.prismacloud.io/compliance/requirementld/section

C1) https://api.prismacloud.io/compliance/add
2) https://api.prismacloud.io/compliance/complianceld/requirement
3) https://api.prismacloud.io/compliance/requirementld/section

D1) https://api.prismacloud.io/compliance
2) https://api.prismacloud.io/compliance/requirementld/section
3) https://api.prismacloud.io/compliance/complianceld/requirement

Answer : B

https://api.prismacloud.io/compliance Add Compliance Standard https://api.prismacloud.io/compliance/complianceld/requirement Add Compliance Requirement https://api.prismacloud.io/compliance/requirementld/section Add Compliance Requirement Section https://pan.dev/prisma-cloud/api/cspm/get-all-standards/

Question 2

A customer wants to monitor its Amazon Web Services (AWS) accounts via Prisma Cloud, but only needs the resource configuration to be monitored at present.

Which two pieces of information are needed to onboard this account? (Choose two.)

AExternal ID

BCloudTrail

CActive Directory ID

DRoleARN

Answer : A, D

To onboard an AWS account for monitoring by Prisma Cloud, specifically for resource configuration monitoring, the required pieces of information include:

A . External ID: The External ID is a unique identifier used in the trust relationship between Prisma Cloud and the AWS account, ensuring secure access, making it a correct choice.

D . RoleARN: The Role Amazon Resource Name (RoleARN) is necessary to grant Prisma Cloud the required permissions to access and monitor the AWS account resources, making it a correct choice. Option B (CloudTrail) is related to AWS logging but is not required solely for onboarding. Option C (Active Directory ID) is not relevant to AWS account onboarding for Prisma Cloud.

Question 3

Which policy type provides information about connections from suspicious IPs in a customer database?

AAnomaly

BThreat detection

CNetwork

DAutoFocus

Answer : A

https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-policies/anomaly-policies

AnAnomalypolicy in Prisma Cloud is designed to provide information about connections from suspicious IPs in a customer database. Anomaly policies are used to detect and alert on unusual activities that deviate from the norm, which can include traffic from known malicious or suspicious IP addresses. These policies help in identifying potential security threats by monitoring for activities that are out of the ordinary, such as unexpected access to a database from an IP address that has not been seen before or is known to be associated with malicious activities.

The documentation link you provided offers detailed guidance on how to configure and manage anomaly policies in Prisma Cloud, ensuring that users can effectively monitor their environments for potential security incidents.

Question 4

Which three platforms support the twistcli tool? (Choose three.)

ALinux

BWindows

CAndroid

DMacOS

ESolaris

Answer : A, B, D

The twistcli tool, part of Prisma Cloud's suite of security tools, supports various platforms for security scanning and configuration. The correct platforms supported by twistcli include:

A . Linux: twistcli is widely used on Linux platforms for scanning container images, host vulnerabilities, and more, making it a correct choice.

B . Windows: twistcli supports Windows, allowing users to perform security scans and checks on Windows-based systems, making it a correct choice.

D . MacOS: twistcli is also compatible with MacOS, enabling security operations on Apple's operating system, making it a correct choice. Option C (Android) and E (Solaris) are not supported platforms for the twistcli tool, according to the available documentation on Prisma Cloud.

Question 5

Which three AWS policy types and identities are used to calculate the net effective permissions? (Choose three).

AAWS service control policies (SCPs)

BAWS IAM group

CAWS IAM role

DAWS IAM User

EAWS IAM tag policy

Answer : A, B, C

In AWS, the net effective permissions are calculated based on various policy types and identities. The correct choices are:

A . AWS service control policies (SCPs): SCPs are used in AWS Organizations to manage permissions for all accounts within the organization, affecting the net effective permissions.

B . AWS IAM group: IAM groups define a set of permissions for a collection of users, influencing their effective permissions.

C . AWS IAM role: IAM roles provide temporary security credentials to assume a set of permissions, impacting the net effective permissions. Option D (AWS IAM User) and E (AWS IAM tag policy) also play roles in defining permissions, but A, B, and C are the primary types used in calculating net effective permissions, making them the correct choices.

Question 6

Which two proper agentless scanning modes are supported with Prisma Cloud? (Choose two).

ASpoke Account Mode

BHub Account Mode

CSame Account Mode

DMain Account Mode

Answer : A, B

Prisma Cloud supports different scanning modes for its agentless scanning feature. Based on the context of cloud environments and typical terminology used in Prisma Cloud documentation, 'Spoke Account Mode' and 'Hub Account Mode' are plausible modes supported for agentless scanning. These modes allow for the extension of scanning capabilities across multiple accounts, with 'Spoke' typically referring to linked accounts and 'Hub' referring to the central account in a hub-and-spoke architecture. Hence, the correct answers are A and B.

Question 7

Which command correctly outputs scan results to stdout in tabular format and writes scan results to a JSON file while still sending the results to Console?

A$ twistcli images scan
--address
--user
--password
--stdout-tabular
--output-file scan-results.json
nginx:latest

B$ twistcli images scan
--address
--username
--password
--details
--json-output scan-results.json
nginx:latest

C$ twistcli images scan
--address
--user
--password
--details
--file-output scan-results.json
nginx:latest

D$ twistcli images scan
--address
--u
--p
--details
--output-file scan-results.json
nginx:latest

Answer : C

The correct command to output scan results to stdout in tabular format and write scan results to a JSON file while still sending the results to Console is:

$ twistcli images scan \

--address <console_address> \

--user <username> \

--password \

--output-file scan-results.json \

--publish \

nginx:latest

This command uses the --output-file option to write the scan results to a file and the --publish option to send the results to the Console. The --stdout-tabular option is not necessary as by default, twistcli writes scan results to stdout in a human-readable format. The placeholders <console_address>, <username>, and should be replaced with the actual address of the Console, and the user's credentials12.

Please replace the placeholders with your actual Prisma Cloud Console address and credentials to execute the command successfully. If you have any more questions or need further assistance, feel free to ask.

Palo Alto Networks PCCSE Prisma Certified Cloud Security Engineer Exam Practice Test