Summer Special Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: exc65

A customer has a requirement to terminate any Container from image topSecret:latest when a process named ransomWare is executed.

How should the administrator configure Prisma Cloud Compute to satisfy this requirement?

A.

set the Container model to manual relearn and set the default runtime rule to block for process protection.

B.

set the Container model to relearn and set the default runtime rule to prevent for process protection.

C.

add a new runtime policy targeted at a specific Container name, add ransomWare process into the denied process list, and set the action to “prevent”.

D.

choose “copy into rule” for the Container, add a ransomWare process into the denied process list, and set the action to “block”.

A customer is reviewing Container audits, and an audit has identified a cryptominer attack. Which three options could have generated this audit? (Choose three.)

A.

The value of the mined currency exceeds $100.

B.

High CPU usage over time for the container is detected.

C.

Common cryptominer process name was found.

D.

The mined currency is associated with a user token.

E.

Common cryptominer port usage was found.

Where can Defender debug logs be viewed? (Choose two.)

A.

/var/lib/twistlock/defender.log

B.

From the Console, Manage > Defenders > Manage > Defenders. Select the Defender from the deployed Defenders list, then click Actions > Logs

C.

From the Console, Manage > Defenders > Deploy > Defenders. Select the Defender from the deployed Defenders list, then click Actions > Logs

D.

/var/lib/twistlock/log/defender.log

A Prisma Cloud administrator is tasked with pulling a report via API. The Prisma Cloud tenant is located on app2.prismacloud.io.

What is the correct API endpoint?

A.

https://api.prismacloud.io

B.

https://api2.eu.prismacloud.io

C.

httsp://api.prismacloud.cn

D.

https://api2.prismacloud.io

What happens when a role is deleted in Prisma Cloud?

A.

The access key associated with that role is automatically deleted.

B.

Any integrations that use the access key to make calls to Prisma Cloud will stop working.

C.

The users associated with that role will be deleted.

D.

Any user who uses that key will be deleted.

Which role must be assigned to DevOps users who need access to deploy Container and Host Defenders in Compute?

A.

Cloud Provisioning Admin

B.

Build and Deploy Security

C.

System Admin

D.

Developer

What is the purpose of Incident Explorer in Prisma Cloud Compute under the "Monitor" section?

A.

To sort through large amounts of audit data manually in order to identify developing attacks

B.

To store large amounts of forensic data on the host where Console runs to enable a more rapid and effective

response to incidents

C.

To correlate individual events to identify potential attacks and provide a sequence of process, file system, and network events for a comprehensive view of an incident

D.

To identify and suppress all audit events generated by the defender

Which categories does the Adoption Advisor use to measure adoption progress for Cloud Security Posture Management?

A.

Visibility, Compliance, Governance, and Threat Detection and Response

B.

Network, Anomaly, and Audit Event

C.

Visibility, Security, and Compliance

D.

Foundations, Advanced, and Optimize

The development team wants to block Cross Site Scripting attacks from pods in its environment. How should the team construct the CNAF policy to protect against this attack?

A.

create a Host CNAF policy, targeted at a specific resource, check the box for XSS attack protection, and set the action to “prevent”.

B.

create a Container CNAF policy, targeted at a specific resource, check the box for XSS attack protection, and set the action to alert.

C.

create a Container CNAF policy, targeted at a specific resource, check the box for XSS protection, and set the action to prevent.

D.

create a Container CNAF policy, targeted at a specific resource, and they should set “Explicitly allowed inbound IP sources” to the IP address of the pod.

Which three options for hardening a customer environment against misconfiguration are included in Prisma Cloud Compute compliance enforcement for hosts? (Choose three.)

A.

Serverless functions

B.

Docker daemon configuration

C.

Cloud provider tags

D.

Host configuration

E.

Hosts without Defender agents