- Home
- Palo Alto Networks
- Prisma Certified Cloud Security Engineer
- PaloAltoNetworks.PCCSE.v2024-04-23.q115
- Question 87
Valid PCCSE Dumps shared by ExamDiscuss.com for Helping Passing PCCSE Exam! ExamDiscuss.com now offer the newest PCCSE exam dumps, the ExamDiscuss.com PCCSE exam questions have been updated and answers have been corrected get the newest ExamDiscuss.com PCCSE dumps with Test Engine here:
Access PCCSE Dumps Premium Version
(260 Q&As Dumps, 35%OFF Special Discount Code: freecram)
<< Prev Question Next Question >>
Question 87/115
Which RQL query will help create a custom identity and access management (1AM) policy to alert on Lambda functions that have permission to terminate FP9 instances?
Correct Answer: A
To create a custom Identity and Access Management (IAM) policy that alerts on Lambda functions with permissions to terminate EC2 instances, the correct RQL query structure involves specifying the source service (Lambda), the destination service (EC2), and the specific action of interest ('ec2:TerminateInstances'). The query should identify configurations where a Lambda function ('source.cloud.service.name = 'lambda' and 'source.cloud.resource.type = 'function') has been granted permissions that allow it to perform the 'ec2:TerminateInstances' action on EC2 instances ('dest.cloud.service.name = 'ec2'). This query helps in identifying and mitigating potential risks associated with overly permissive functions that could inadvertently or maliciously impact the availability of EC2 resources.
- Question List (115q)
- Question 1: A customer has a requirement to scan serverless functions fo...
- Question 2: A customer has a requirement to scan serverless functions fo...
- Question 3: Given the following RQL: (Exhibit) Which audit event snippet...
- Question 4: How are the following categorized? Backdoor account access H...
- Question 5: On which cloud service providers can you receive new API rel...
- Question 6: An administrator has a requirement to ingest all Console and...
- Question 7: The administrator wants to review the Console audit logs fro...
- Question 8: A customer has multiple violations in the environment includ...
- Question 9: One of the resources on the network has triggered an alert f...
- Question 10: What is the most reliable and extensive source for documenta...
- Question 11: Move the steps to the correct order to set up and execute a ...
- Question 12: A customer is interested in PCI requirements and needs to en...
- Question 13: You wish to create a custom policy with build and run subtyp...
- Question 14: Which option shows the steps to install the Console in a Kub...
- Question 15: A customer has Prisma Cloud Enterprise and host Defenders de...
- Question 16: The security team wants to protect a web application contain...
- Question 17: In Prisma Cloud Software Release 22.06 (Kepler), which Regis...
- Question 18: Which command should be used in the Prisma Cloud twistcli to...
- Question 19: Based on the following information, which RQL query will sat...
- Question 20: In which Console menu would an administrator verify whether ...
- Question 21: An administrator wants to retrieve the compliance policies f...
- Question 22: A customer finds that an open alert from the previous day ha...
- Question 23: Which statement applies to Adoption Advisor?...
- Question 24: How does assigning an account group to an administrative use...
- Question 25: Which step should a SecOps engineer implement in order to cr...
- Question 26: Anomaly policy uses which two logs to identify unusual netwo...
- Question 27: A customer wants to monitor its Amazon Web Services (AWS) ac...
- Question 28: An administrator has been tasked with a requirement by your ...
- Question 29: Which two filters are available in the SecOps dashboard? (Ch...
- Question 30: Which two statements apply to the Defender type Container De...
- Question 31: The security team wants to enable the "block" option under c...
- Question 32: Put the steps of integrating Okta with Prisma Cloud in the r...
- Question 33: The attempted bytes count displays?...
- Question 34: Which two elements are included in the audit trail section o...
- Question 35: Which three incident types will be reflected in the Incident...
- Question 36: Per security requirements, an administrator needs to provide...
- Question 37: Which component(s), if any, will Palo Alto Networks host and...
- Question 38: Which two fields are required to configure SSO in Prisma Clo...
- Question 39: Which alert deposition severity must be chosen to generate l...
- Question 40: Which three fields are mandatory when authenticating the Pri...
- Question 41: Which two attributes are required for a custom config RQL? (...
- Question 42: An administrator for Prisma Cloud needs to obtain a graphica...
- Question 43: A customer has a large environment that needs to upgrade Con...
- Question 44: Which three actions are required in order to use the automat...
- Question 45: Which data storage type is supported by Prisma Cloud Data Se...
- Question 46: You are tasked with configuring a Prisma Cloud build policy ...
- Question 47: Which type of query is used for scanning Infrastructure as C...
- Question 48: Which statement about build and run policies is true?...
- Question 49: A customer does not want alerts to be generated from network...
- Question 50: Which options show the steps required after upgrade of Conso...
- Question 51: When an alert notification from the alarm center is deleted,...
- Question 52: The development team is building pods to host a web front en...
- Question 53: Web-Application and API Security (WAAS) provides protection ...
- Question 54: Which Prisma Cloud policy type detects port scanning activit...
- Question 55: An administrator has deployed Console into a Kubernetes clus...
- Question 56: Which command correctly outputs scan results to stdout in ta...
- Question 57: Console is running in a Kubernetes cluster, and Defenders ne...
- Question 58: Which three public cloud providers are supported for VM imag...
- Question 59: What must be created in order to receive notifications about...
- Question 60: Which statement is true regarding CloudFormation templates?...
- Question 61: A customer wants to scan a serverless function as part of a ...
- Question 62: A security team notices a number of anomalies under Monitor ...
- Question 63: Which three steps are involved in onboarding an account for ...
- Question 64: A security team has been asked to create a custom policy. Wh...
- Question 65: The compliance team needs to associate Prisma Cloud policies...
- Question 66: On which cloud service providers can new API release informa...
- Question 67: Taking which action will automatically enable all severity l...
- Question 68: Which three types of buckets exposure are available in the D...
- Question 69: Which role must be assigned to DevOps users who need access ...
- Question 70: If you are required to run in an air-gapped environment, whi...
- Question 71: Given the following audit event activity snippet: (Exhibit) ...
- Question 72: What is the purpose of Incident Explorer in Prisma Cloud Com...
- Question 73: Which three OWASP protections are part of Prisma Cloud Web-A...
- Question 74: Which policy type in Prisma Cloud can protect against malwar...
- Question 75: What is required for Prisma Cloud to successfully execute au...
- Question 76: An administrator sees that a runtime audit has been generate...
- Question 77: When would a policy apply if the policy is set under Defend ...
- Question 78: A customer has a requirement to terminate any Container from...
- Question 79: Which order of steps map a policy to a custom compliance sta...
- Question 80: Which two integrations enable ingesting host findings to gen...
- Question 81: Which of the below actions would indicate - "The timestamp o...
- Question 82: Order the steps involved in onboarding an AWS Account for us...
- Question 83: Which three actions are available for the container image sc...
- Question 84: Which ROL query is used to detect certain high-risk activiti...
- Question 85: What is an example of an outbound notification within Prisma...
- Question 86: An administrator wants to install the Defenders to a Kuberne...
- Question 87: Which RQL query will help create a custom identity and acces...
- Question 88: Which three AWS policy types and identities are used to calc...
- Question 89: A business unit has acquired a company that has a very large...
- Question 90: A Systems Engineer is the administrator of a self-hosted Pri...
- Question 91: You are an existing customer of Prisma Cloud Enterprise. You...
- Question 92: Prisma Cloud supports sending audit event records to which t...
- Question 93: Which two integrated development environment (IDE) plugins a...
- Question 94: In Prisma Cloud for Azure Net Effective Permissions Calculat...
- Question 95: Which port should a security team use to pull data from Cons...
- Question 96: Put the steps involved to configure and scan using the Intel...
- Question 97: Which of the following is displayed in the asset inventory?...
- Question 98: Which three types of classifications are available in the Da...
- Question 99: What should be used to associate Prisma Cloud policies with ...
- Question 100: Which step is included when configuring Kubernetes to use Pr...
- Question 101: An administrator has access to a Prisma Cloud Enterprise. Wh...
- Question 102: What is the correct method for ensuring key-sensitive data r...
- Question 103: Which component of a Kubernetes setup can approve, modify, o...
- Question 104: How many CLI remediation commands can be added in a custom p...
- Question 105: Which Defender type performs registry scanning?...
- Question 106: Which RQL will trigger the following audit event activity? (...
- Question 107: Which intensity setting for anomaly alerts is used for the m...
- Question 108: Which alerts are fixed by enablement of automated remediatio...
- Question 109: Which two statements are true about the differences between ...
- Question 110: A security team has a requirement to ensure the environment ...
- Question 111: An administrator of Prisma Cloud wants to enable role-based ...
- Question 112: A security team is deploying Cloud Native Application Firewa...
- Question 113: Prisma Cloud cannot integrate which of the following secrets...
- Question 114: The InfoSec team wants to be notified via email each time a ...
- Question 115: Which ban for DoS protection will enforce a rate limit for u...
[×]
Download PDF File
Enter your email address to download PaloAltoNetworks.PCCSE.v2024-04-23.q115.pdf