Palo Alto Networks PCCSE Exam Questions have been Updated
Feb 14,2022
Palo Alto Networks PCCSE exam questions have been updated, which are the best material for you to pass. The Prisma Certified Cloud Security Engineer (PCCSE) certification validates the knowledge, skills and abilities required to onboard, deploy and administer all aspects of Prisma Cloud. PCCSE exam is for anyone who interested in demonstrating knowledge, skill and abilities with Prisma Cloud including cloud security, customer success, DevOps, cloud support, professional services and Appsec engineers, cybersecurity architects, and team leads.
Palo Alto Networks PCCSE Exam
Palo Alto Netwotks PCCSE exam basic information is below.
Number of items: 75 to 85
Format: Multiple choice, scenarios with graphics, and matching
Language: English
Total Seat Time: 80 to 90 minutes
Time for Exam Items: 70 to 80 minutes
Time for reviewing Palo Alto Networks Exam Security: 5 minutes and for Survey 5 minutes
PCCSE Prisma Certified Cloud Security Engineer Exam Topics
List the details of Palo Alto Networks PCCSE exam topics below.
The new updated Palo Alto Networks PCCSE exam questions are the best material for you to test all the above Prisma Certified Cloud Security Engineer (PCCSE) topics. Share some updated Palo Alto Networks PCCSE exam questions and answers below.
A customer has a requirement to scan serverless functions for vulnerabilities. What is the correct option to configure scanning?
A. Configure serverless radar from the Defend > Compliance > Cloud Platforms page.
B. Use Lambda layers to deploy a Defender into the function.
C. Embed serverless Defender into the function.
D. Configure a function scan policy from the Defend > Vulnerabilities > Functions page.
Answer: C
A security team has a requirement to ensure the environment is scanned for vulnerabilities. What are three options for configuring vulnerability policies? (Choose three.)
A. apply policy only when vendor fix is available
B. individual actions based on package type
C. output verbosity for blocked requests
D. individual grace periods for each severity level
E. customize message on blocked requests
Answer: ACD
An administrator wants to enforce a rate limit for users not being able to post five (5) .tar.gz files within five (5) seconds.<br />What does the administrator need to configure?
A. A ban for DoS protection with an average rate of 5 and file extensions match on .tar.gz on WAAS
B. A ban for DoS protection with an average rate of 5 and file extensions match on .tar.gz on CNNF
C. A ban for DoS protection with a burst rate of 5 and file extensions match on .tar.gz on CNNF
D. A ban for DoS protection with a burst rate of 5 and file extensions match on .tar gz on WAAS
Answer: D
A manager informs the SOC that one or more RDS instances have been compromised and the SOC needs to make sure production RDS instances are NOT publicly accessible. Which action should the SOC take to follow security best practices?
A. Enable "AWS S3 bucket is publicly accessible" policy and manually remediate each alert.
B. Enable "AWS RDS database instance is publicly accessible" policy and for each alert, check that it is a production instance, and then manually remediate.
C. Enable "AWS S3 bucket is publicly accessible" policy and add policy to an auto-remediation alert rule.
D. Enable "AWS RDS database instance is publicly accessible" policy and add policy to an auto-remediation alert rule.
Answer: D
The InfoSec team wants to be notified via email each time a Security Group is misconfigured. Which Prisma Cloud tab should you choose to complete this request?
A. Policies
B. Notifications
C. Events
D. Alert Rules
Answer: A