A customer has a large environment that needs to upgrade Console without upgrading all Defenders at one time. What are two prerequisites prior to performing a rolling upgrade of Defenders? (Choose two.)
A. manual installation of the latest twistcli tool prior to the rolling upgrade
B. all Defenders set in read-only mode before execution of the rolling upgrade
C. a second location where you can install the Console
D. additional workload licenses are required to perform the rolling upgrade
E. an existing Console at version n-1
The administrator wants to review the Console audit logs from within the Console. Which page in the Console should the administrator use to review this data, if it can be reviewed at all?
A. Navigate to Monitor > Events > Host Log Inspection
B. The audit logs can be viewed only externally to the Console
C. Navigate to Manage > Defenders > View Logs
D. Navigate to Manage > View Logs > History
Which statement is true regarding CloudFormation templates?
A. Scan support does not currently exist for nested references, macros, or intrinsic functions.
B. A single template or a zip archive of template files cannot be scanned with a single API request.
C. Request-Header-Field 'cloudformation-version' is required to request a scan.
D. Scan support is provided for JSON, HTML and YAML formats.
Which three types of buckets exposure are available in the Data Security module? (Choose three.)
A. Public
B. Private
C. International
D. Differential
E. Conditional
A security team is deploying Cloud Native Application Firewall (CNAF) on a containerized web application. The application is running an NGINX container. The container is listening on port 8080 and is mapped to host port 80. Which port should the team specify in the CNAF rule to protect the application?
A. 443
B. 80
C. 8080
D. 8888
A customer wants to be notified about port scanning network activities in their environment. Which policy type detects this behavior?
A. Network
B. Port Scan
C. Anomaly
D. config
The security auditors need to ensure that given compliance checks are being run on the host. Which option is a valid host compliance policy?
A. Ensure functions are not overly permissive.
B. Ensure host devices are not directly exposed to containers.
C. Ensure images are created with a non-root user.
D. Ensure compliant Docker daemon configuration.
A security team has been asked to create a custom policy.
Which two methods can the team use to accomplish this goal? (Choose two.)
A. add a new policy
B. clone an existing policy
C. disable an out-of-the-box policy
D. edit the query in the out-of-the-box policy
What is an example of an outbound Notification within Prisma Cloud?
A. AWS Inspector
B. Qualys
C. Tenable
D. PagerDuty
A customer has a development environment with 50 connected Defenders. A maintenance window is set for Monday to upgrade 30 stand-alone Defenders in the development environment, but there is no maintenance window available until
Sunday to upgrade the remaining 20 stand-alone Defenders.
Which recommended action manages this situation?
A. Go to Manage > Defender > Manage, then click Defenders, and use the Scheduler to choose which Defenders will be automatically upgraded during the maintenance window.
B. Find a maintenance window that is suitable to upgrade all stand-alone Defenders in the development environment.
C. Upgrade a subset of the Defenders by clicking the individual Actions > Upgrade button in the row that corresponds to the Defender that should be upgraded during the maintenance window.
D. Open a support case with Palo Alto Networks to arrange an automatic upgrade.
Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PCCSE exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.