[2023年更新]合格できるPCCSE試験にはリアルな問題解答 [Q61-Q78]

Share

[2023年更新]合格できるPCCSE試験にはリアルな問題解答

PCCSE試験問題ゲット最新[2023]と正解回答

質問 # 61
The security team wants to target a CMAF policy for specific running Containers How should the administrator scope the policy to target the Containers?

  • A. scope the policy to Image names
  • B. scope the policy to Defender names.
  • C. scope the policy to Host names
  • D. scope the policy to namespaces

正解:D


質問 # 62
A customer does not want alerts to be generated from network traffic that originates from trusted internal networks.
Which setting should you use to meet this customer's request?

  • A. Enterprise Alert Disposition
  • B. Anomaly Trusted List
  • C. Trusted Login IP Addresses
  • D. Trusted Alert IP Addresses

正解:D

解説:
Section: (none)
Explanation


質問 # 63
Which statement about build and run policies is true?

  • A. Run policies monitor network activities in the environment and check for potential issues during runtime
  • B. Every type of policy has auto-remediation enabled by default.
  • C. Build policies enable you to check for security misconfigurations in the laC templates.
  • D. The four main types of policies are Audit Events. Build. Network, and Run.

正解:A


質問 # 64
Which of the following is displayed in the asset inventory?

  • A. Asset tags
  • B. SSO users
  • C. EC2 instances
  • D. Federated users

正解:C


質問 # 65
What is the order of steps in a Jenkins pipeline scan?
(Drag the steps into the correct order of occurrence, from the first step to the last.)

正解:

解説:

Explanation
Table Description automatically generated with medium confidence


質問 # 66
One of the resources on the network has triggered an alert for a Default Config policy.
Given the following resource JSON snippet:

Which RQL detected the vulnerability?
A)

B)

C)

D)

  • A. Option B
  • B. Option D
  • C. Option A
  • D. Option C

正解:A


質問 # 67
A customer wants to be notified about port scanning network activities in their environment. Which policy type detects this behavior?

  • A. Config
  • B. Network
  • C. Port Scan
  • D. Anomaly

正解:B


質問 # 68
An administrator wants to install the Defenders to a Kubernetes cluster. This cluster is running the console on the default service endpoint and will be exporting to YAML Console Address SCONSOLE_ADDRESS Websocket Address SWEBSOCKHT_ADDRESS User: SADMIN USER Which command generates the YAML file for Defender install?
A)

B)

C)

D)

  • A. Option D
  • B. Option C
  • C. Option A
  • D. Option B

正解:C


質問 # 69
What will happen when a Prisma Cloud Administrator has configured agentless scanning in an environment that also has Host and Container Defenders deployed?

  • A. Both agentless and Defender scans will be disabled and an error message will be received.
  • B. Agentless scan will automatically be disabled, so Defender scans are the only scans occurring.
  • C. Agentless scans do not conflict with Defender scans, so both will run.
  • D. Defender scans will automatically be disabled, so agentless scans are the only scans occurring.

正解:C


質問 # 70
Which API calls can scan an image named myimage: latest with twistcli and then retrieve the results from Console?

  • A. $ twistcli images scan \
    --address <COMPUTE_CONSOLE> \
    --user <COMPUTER_CONSOLE_USER> \
    --password <COMPUTER_CONSOLE_PASSWD> \
    --console \
    myimage: latest
  • B. $ twistcli images scan \
    --address <COMPUTE_CONSOLE> \
    --user <COMPUTER_CONSOLE_USER> \
    --password <COMPUTER_CONSOLE_PASSWD> \
    --verbose \
    myimage: latest
  • C. $ twistcli images scan \
    --address <COMPUTE_CONSOLE> \
    --user <COMPUTER_CONSOLE_USER> \
    --password <COMPUTER_CONSOLE_PASSWD> \
    myimage: latest
  • D. $ twistcli images scan \
    --address <COMPUTE_CONSOLE> \
    --user <COMPUTER_CONSOLE_USER> \
    --password <COMPUTER_CONSOLE_PASSWD> \
    --details \
    myimage: latest

正解:D


質問 # 71
An administrator has deployed Console into a Kubernetes cluster running in AWS. The administrator also has configured a load balancer in TCP passthrough mode to listen on the same ports as the default Prisma Compute Console configuration.
In the build pipeline, the administrator wants twistcli to talk to Console over HTTPS. Which port will twistcli need to use to access the Prisma Compute APIs?

  • A. 0
  • B. 1
  • C. 2
  • D. 3

正解:D

解説:
https://docs.prismacloudcompute.com/docs/compute_edition_21_04/tools/twistcli.html#connectivity-to-console


質問 # 72
A security team has a requirement to ensure the environment is scanned for vulnerabilities. What are three options for configuring vulnerability policies? (Choose three.)

  • A. individual actions based on package type
  • B. apply policy only when vendor fix is available
  • C. individual grace periods for each severity level
  • D. output verbosity for blocked requests
  • E. customize message on blocked requests

正解:A、C、D


質問 # 73
Which two of the following are required to be entered on the IdP side when setting up SSO in Prisma Cloud?
(Choose two.)

  • A. Username
  • B. SSO Certificate
  • C. Assertion Consumer Service (ACS) URL
  • D. SP (Service Provider) Entity ID

正解:B、D


質問 # 74
Match the service on the right that evaluates each exposure type on the left.
(Select your answer from the pull-down list. Answers may be used more than once or not at all.)

正解:

解説:

Reference:
https://www.paloaltonetworks.com/prisma/cloud/cloud-data-security


質問 # 75
What is the order of steps in a Jenkins pipeline scan?
(Drag the steps into the correct order of occurrence, from the first step to the last.)

正解:

解説:


質問 # 76
How are the following categorized?
Backdoor account access Hijacked processes Lateral movement
Port scanning

  • A. admission controllers
  • B. models
  • C. audits
  • D. incidents

正解:D


質問 # 77
An administrator has been tasked with creating a custom service that will download any existing compliance report from a Prisma Cloud Enterprise tenant.
In which order will the APIs be executed for this service?
(Drag the steps into the correct order of occurrence, from the first step to the last.)

正解:

解説:


質問 # 78
......


PCCSE試験は、クラウドセキュリティプロフェッショナルのスキルと知識を検証するために設計された認定プログラムです。この試験は、クラウド環境を安全に保つために重要なクラウドアーキテクチャ、ネットワークセキュリティ、アイデンティティとアクセス管理、データ保護、コンプライアンスなどのトピックをカバーします。PCCSE試験に合格することで、個人はクラウドセキュリティの専門知識を証明し、業界で認められた認定資格を取得することができます。

 

練習できるPCCSE問題で認証試験問題集ガイド解答は練習専門Fast2test:https://jp.fast2test.com/PCCSE-premium-file.html

無料Palo Alto Networks PCCSEテスト練習テスト問題試験問題集:https://drive.google.com/open?id=1JPPHy5e7qcMlK1BNihCiyygd728JvTiF


弊社を連絡する

我々は12時間以内ですべてのお問い合わせを答えます。

我々の働いている時間: ( GMT 0:00-15:00 )
月曜日から土曜日まで

サポート: 現在連絡 

English Deutsch 繁体中文 한국어