PCCSE Exam Details

  • Exam Code
    :PCCSE
  • Exam Name
    :Prisma Certified Cloud Security Engineer (PCCSE)
  • Certification
    :Palo Alto Networks Certifications
  • Vendor
    :Palo Alto Networks
  • Total Questions
    :281 Q&As
  • Last Updated
    :Mar 25, 2026

Palo Alto Networks PCCSE Online Questions & Answers

  • Question 1:

    DRAG DROP

    What is the order of steps to create a custom network policy?

    (Drag the steps into the correct order of occurrence, from the first step to the last.)

    Select and Place:

  • Question 2:

    The development team wants to fail CI jobs where a specific CVE is contained within the image.

    How should the development team Configure the pipeline or policy to produce this outcome?

    A. Set the specific CVE exception as an option in Jenkins or twistcli.
    B. Set the specific CVE exception as an option in Defender running the scan.
    C. Set the specific CVE exception as an option using the magic string in the Console.
    D. Set the specific CVE exception in Console's CI policy.

  • Question 3:

    Which role must be assigned to DevOps users who need access to deploy Container and Host Defenders in Compute?

    A. Cloud Provisioning Admin
    B. Build and Deploy Security
    C. System Admin
    D. Developer

  • Question 4:

    A customer has a large environment that needs to upgrade Console without upgrading all Defenders at one time.

    What are two prerequisites prior to performing a rolling upgrade of Defenders? (Choose two.)

    A. manual installation of the latest twistcli tool prior to the rolling upgrade
    B. all Defenders set in read-only mode before execution of the rolling upgrade
    C. a second location where you can install the Console
    D. additional workload licenses are required to perform the rolling upgrade
    E. an existing Console at version n-1

  • Question 5:

    Given the following RQL:

    event from cloud.audit_logs where operation IN

    ('v1.compute.urlMaps.update', 'v1.compute.urlMaps.delete',

    'v1.compute.backendServices.delete', 'v1.compute.backendBuckets.delete', 'v1.compute.backendServices.update',

    'v1.compute.globalForwardingRules.delete', 'v1.compute.urlMaps.delete', 'v1.compute.targetHttpsProxies.delete',

    'v1.compute.targetHttpsProxies.setSslPolicy', 'v1.compute.targetHttpsProxies.setSslCertificates')

    Which audit event snippet is identified by the RQL?

    A. "eventTime": "2021-05-19T14:34:08Z", "eventSource": "iam.amazonaws.com", "eventName": "AttachRolePolicy", "awsRegion": "us-east-1"
    B. "payload": { > "requestMetadata": { "callerSuppliedUserAgent": "Terraform/0.14.0 (+https://www.terraform.io) Terraform-Plugin-SDK/2.1.0 terraform-provider-google/3.50.0,gzip(gfe)", "callerIp": "34.235.226.252" }, "request": { "@type": "type.googleapis.com/compute.backendServices.delete" } }
    C. "resource": "projects/_/buckets/gvtest110221", "permission": "storage.buckets.setIamPolicy", "resourceAttributes": {}, "granted": true
    D. "userIdentity": { "type": "Root", "principalId": "6849955112A19", "arn": "arn:aws:iam::6849955112A9:root", "accountId": "6899955140219", "accessKeyId": "*" }

  • Question 6:

    One of the resources on the network has triggered an alert for a Default config policy. Given the following resource JSON snippet:

    Which RQL detected the vulnerability?

    A. config from cloud.resource where api.name = 'aws-ecs-service' AND json.rule = launchType equals EC2 as X; config from cloud.resource where api.name = 'aws-ecs-cluster' AND json.rule = status equals ACTIVE and registeredContainerInstancesCount equals 0 as Y; filter '$.X.clusterArn equals $.Y.clusterArn'; show Y;
    B. config from cloud.resource where cloud.type = 'aws' and api.name = 'aws-iam-get-credential-report' AND json.rule = '(access_key_1 active is true and access_key_1 last_rotated != N/A and _DateTime.ageInDays(access_key_1 last_rotated) > 90) or (access_key_2 active is true and access_key_2 last_rotated != N/A and DateTime.ageInDays(access_key_2 last_rotated) > 90)'
    C. config from cloud.resource where cloud.type = 'aws' AND api.name = 'aws-ec2-describe-images' AND json.rule = image.platform contains windows and image.imageId contains ami-1e542176
    D. config from cloud.resource where cloud.type = 'aws' AND api.name = 'aws-ec2-describe-security-groups' AND json.rule = isShared is false and (ipPermissions[*].ipProtocol equals tcp or ipProtocol equals icmp or ipProtocol equals icmpv6 or ipProtocol equals udp) and (ipRanges[*] contains 0.0.0.0/0 or ipv6Ranges[*].cidrIpv6 contains ::/0)) exists

  • Question 7:

    Which option identifies the Prisma Cloud Compute Edition?

    A. Package installed with APT
    B. Downloadable, self-hosted software
    C. Software-as-a-Service (SaaS)
    D. Plugin to Prisma Cloud

  • Question 8:

    Which policy type should be used to detect and alert on cryptominer network activity?

    A. Anomaly
    B. Config-run
    C. Config-build
    D. Audit event

  • Question 9:

    An administrator wants to enforce a rate limit for users not being able to post five (5) .tar.gz files within five (5) seconds.

    What does the administrator need to Configure?

    A. A ban for DoS protection with an average rate of 5 and file extensions match on .tar.gz on WAAS
    B. A ban for DoS protection with a burst rate of 5 and file extensions match on .tar.gz on CNNF
    C. A ban for DoS protection with a burst rate of 5 and file extensions match on .tar gz on WAAS
    D. A ban for DoS protection with an average rate of 5 and file extensions match on .tar.gz on CNNF

  • Question 10:

    How can an administrator investigate runtime security incidents in Prisma Cloud Compute?

    A. Monitor > Events > Runtime Audits
    B. Manage > Alerts > Audit Logs
    C. Defend > Compliance > Investigate
    D. Policies > Enforcement Actions

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PCCSE exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.