Which two integrations enable ingesting host findings to generate alerts? (Choose two.)
You are an existing customer of Prisma Cloud Enterprise. You want to onboard a public cloud account and immediately see all of the alerts associated with this account based off ALL of your tenant’s existing enabled policies. There is no requirement to send alerts from this account to a downstream application at this time.
Which option shows the steps required during the alert rule creation process to achieve this objective?
A customer has a development environment with 50 connected Defenders. A maintenance window is set for Monday to upgrade 30 stand-alone Defenders in the development environment, but there is no maintenance window available until Sunday to upgrade the remaining 20 stand-alone Defenders.
Which recommended action manages this situation?
What improves product operationalization by adding visibility into feature utilization and missed opportunities?
A user from an organization is unable to log in to Prisma Cloud Console after having logged in the previous day.
Which area on the Console will provide input on this issue?
Which two bot types are part of Web Application and API Security (WAAS) bot protection? (Choose two.)
Which two required request headers interface with Prisma Cloud API? (Choose two.)
An administrator has access to a Prisma Cloud Enterprise.
What are the steps to deploy a single container Defender on an ec2 node?
Which RQL query will help create a custom identity and access management (1AM) policy to alert on Lambda functions that have permission to terminate FP9 instances?
If you are required to run in an air-gapped environment, which product should you install?
In Prisma Cloud for Azure Net Effective Permissions Calculation, the following Azure permission levels are supported by which three permissions? (Choose three).
In which two ways can Prisma Cloud images be retrieved in Prisma Cloud Compute Self-Hosted Edition? (Choose two.)
What should be used to associate Prisma Cloud policies with compliance frameworks?
Which two CI/CD plugins are supported by Prisma Cloud as part of its DevOps Security? (Choose two.).
When an alert notification from the alarm center is deleted, how many hours will a similar alarm be suppressed by default?
The administrator wants to review the Console audit logs from within the Console.
Which page in the Console should the administrator use to review this data, if it can be reviewed at all?
What is the behavior of Defenders when the Console is unreachable during upgrades?
Which two services require external notifications to be enabled for policy violations in the Prisma Cloud environment? (Choose two.)
Given the following audit event activity snippet:
Which RQL will be triggered by the audit event?
A)
B)
C)
D)
Under which tactic is “Exploit Public-Facing Application†categorized in the ATT&CK framework?
Which of the following is not a supported external integration for receiving Prisma Cloud Code Security notifications?
Which two offerings will scan container images in Jenkins pipelines? (Choose two.)
What is the order of steps in a Jenkins pipeline scan?
(Drag the steps into the correct order of occurrence, from the first step to the last.)
The compliance team needs to associate Prisma Cloud policies with compliance frameworks. Which option should the team select to perform this task?
A Prisma Cloud administrator is tasked with pulling a report via API. The Prisma Cloud tenant is located on app2.prismacloud.io.
What is the correct API endpoint?
Which API calls can scan an image named myimage: latest with twistcli and then retrieve the results from Console?
An administrator of Prisma Cloud wants to enable role-based access control for Docker engine.
Which configuration step is needed first to accomplish this task?
In Azure, what permissions need to be added to Management Groups to allow Prisma Cloud to calculate net effective permissions?
Order the steps involved in onboarding an AWS Account for use with Data Security feature.
The Unusual protocol activity (Internal) network anomaly is generating too many alerts. An administrator has been asked to tune it to the option that will generate the least number of events without disabling it entirely.
Which strategy should the administrator use to achieve this goal?
A security team has a requirement to ensure the environment is scanned for vulnerabilities. What are three options for configuring vulnerability policies? (Choose three.)
A customer wants to scan a serverless function as part of a build process. Which twistcli command can be used to scan serverless functions?
Which three actions are required in order to use the automated method within Azure Cloud to streamline the process of using remediation in the identity and access management (IAM) module? (Choose three.)
An administrator wants to enforce a rate limit for users not being able to post five (5) .tar.gz files within five (5) seconds.
What does the administrator need to configure?
A customer is reviewing Container audits, and an audit has identified a cryptominer attack. Which three options could have generated this audit? (Choose three.)
Which three steps are involved in onboarding an account for Data Security? (Choose three.)
Match the service on the right that evaluates each exposure type on the left.
(Select your answer from the pull-down list. Answers may be used more than once or not at all.)
Which alert deposition severity must be chosen to generate low and high severity alerts in the Anomaly settings when user wants to report on an unknown browser and OS, impossible time travel, or both due to account hijacking attempts?
Which three OWASP protections are part of Prisma Cloud Web-Application and API Security (WAAS) rule? (Choose three.)
Which three public cloud providers are supported for VM image scanning? (Choose three.)
What is an automatically correlated set of individual events generated by the firewall and runtime sensors to identify unfolding attacks?
Which three types of buckets exposure are available in the Data Security module? (Choose three.)
A Prisma Cloud Administrator onboarded an AWS cloud account with agentless scanning enabled successfully to Prisma Cloud. Which item requires deploying defenders to be able to inspect the risk on the onboarded AWS account?
An administrator wants to retrieve the compliance policies for images scanned in a continuous integration (CI) pipeline.
Which endpoint will successfully execute to enable access to the images via API?
Web-Application and API Security (WAAS) provides protection for which two protocols? (Choose two.)
Review this admission control policy:
match[{"msg": msg}] { input.request.operation == "CREATE" input.request.kind.kind == "Pod" input.request.resource.resource == "pods"
input.request.object.spec.containers[_].securityContext.privileged msg := "Privileged"
}
Which response to this policy will be achieved when the effect is set to “block�
An administrator has been tasked with a requirement by your DevSecOps team to write a script to continuously query programmatically the existing users, and the user’s associated permission levels, in a Prisma Cloud Enterprise tenant.
Which public documentation location should be reviewed to help determine the required attributes to carry out this step?
Which two elements are included in the audit trail section of the asset detail view? (Choose two).
Which of the following are correct statements regarding the use of access keys? (Choose two.)
An administrator wants to install the Defenders to a Kubernetes cluster. This cluster is running the console on the default service endpoint and will be exporting to YAML.
Console Address: $CONSOLE_ADDRESS Websocket Address: $WEBSOCKET_ADDRESS User: $ADMIN_USER
Which command generates the YAML file for Defender install?
Prisma Cloud supports which three external systems that allow the import of vulnerabilities and provide additional context on risks in the cloud? (Choose three.)
In Prisma Cloud Software Release 22.06 (Kepler), which Registry type is added?
A Systems Engineer is the administrator of a self-hosted Prisma Cloud console. They upgraded the console to the latest version. However, after the upgrade, the console does not show all the policies configured. Before they upgraded the console, they created a backup manually and exported it to a local drive. Now they have to install a Prisma Cloud to restore from the backup that they manually created. Which Prisma Cloud version can they can restore with the backup?
What is the purpose of Incident Explorer in Prisma Cloud Compute under the "Monitor" section?
A customer wants to turn on Auto Remediation.
Which policy type has the built-in CLI command for remediation?
A security team notices a number of anomalies under Monitor > Events. The incident response team works with the developers to determine that these anomalies are false positives.
What will be the effect if the security team chooses to Relearn on this image?
Prisma Cloud supports sending audit event records to which three targets? (Choose three.)
Which options show the steps required to upgrade Console when using projects?