Which two processes ensure that builds can function after a Console upgrade? (Choose two.)
Answer : AB
The compliance team needs to associate Prisma Cloud policies with compliance frameworks.
Which option should the team select to perform this task?
Answer : B
Reference:
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-compliance/compliance-dashboard.html
Review this admission control policy:
match[{"msg": msg}] {
input.request.operation == "CREATE"
input.request.kind.kind == "Pod"
input.request.resource.resource == "pods"
input.request.object.spec.containers[_].securityContext.privileged msg := "Privileged"
}
Which response to this policy will be achieved when the effect is set to `block`?
Answer : C
Per security requirements, an administrator needs to provide a list of people who are receiving e-mails for Prisma Cloud alerts.
Where can the administrator locate this list of e-mail recipients?
Answer : A
A customer wants to scan a serverless function as part of a build process.
Which twistcli command can be used to scan serverless functions?
Answer : D
Reference:
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/vulnerability_management/serverless_functions
A customer has a development environment with 50 connected Defenders. A maintenance window is set for Monday to upgrade 30 stand-alone Defenders in the development environment, but there is no maintenance window available until Sunday to upgrade the remaining 20 stand-alone Defenders.
Which recommended action manages this situation?
Answer : A
What is an example of an outbound notification within Prisma Cloud?
Answer : D
A security team has been asked to create a custom policy.
Which two methods can the team use to accomplish this goal? (Choose two.)
Answer : AB
Reference:
https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin/prisma-cloud-policies/manage-prisma-cloud-policies
The security auditors need to ensure that given compliance checks are being run on the host.
Which option is a valid host compliance policy?
Answer : C
DRAG DROP -
Match the correct scanning mode for each given operation.
(Select your answer from the pull-down list. Answers may be used more than once or not at all.)
Select and Place:
Answer :
A customer wants to be notified about port scanning network activities in their environment.
Which policy type detects this behavior?
Answer : A
A security team is deploying Cloud Native Application Firewall (CNAF) on a containerized web application. The application is running an NGINX container. The container is listening on port 8080 and is mapped to host port 80.
Which port should the team specify in the CNAF rule to protect the application?
Answer : C
Reference:
https://docs.paloaltonetworks.com/prisma/prisma-cloud/19-11/prisma-cloud-compute-edition-admin/firewalls/deploy_cnaf.html
Which three types of buckets exposure are available in the Data Security module? (Choose three.)
Answer : CDE
The administrator wants to review the Console audit logs from within the Console.
Which page in the Console should the administrator use to review this data, if it can be reviewed at all?
Answer : D
Reference:
https://docs.twistlock.com/docs/compute_edition/howto/review_debug_logs.html