1. Home
  2. Palo Alto Networks
  3. PCCSE

Prisma Certified Cloud Security Engineer (PCCSE)

Exam Details

  • Exam Code
    :PCCSE
  • Exam Name
    :Prisma Certified Cloud Security Engineer (PCCSE)
  • Certification
    :Palo Alto Networks Certifications
  • Vendor
    :Palo Alto Networks
  • Total Questions
    :281 Q&As
  • Last Updated
    :May 04, 2025

Palo Alto Networks Palo Alto Networks Certifications PCCSE Questions & Answers

  • Question 71:

    Which action would be applicable after enabling anomalous compute provisioning?

    A. It detects the activity caused by the spambot.

    B. It detects unusual server port activity or unusual protocol activity from a client within or outside the cloud environment.

    C. It detects potential creation of an unauthorized network of compute instances with AutoFocus.

    D. It detects potential creation of an unauthorized network of compute instances either accidentally or for cryptojacking.

  • Question 72:

    Which IAM Azure RQL query would correctly generate an output to view users who have suffcient permissions to create security groups within Azure AD and create applications?

    A. config where api.name = `azure-active-directory-authorization-policy' AND json.rule = defaultUserRolePermissions.allowedToCreateSecurityGroups is true and defaultUserRolePermissions.allowedToCreateApps is true

    B. config from cloud.resource where api.name = `azure-active-directory-authorization-policy' AND json.rule = defaultUserRolePermissions exists

    C. config from network where api.name = `azure-active-directory-authorization-policy' AND json.rule = defaultUserRolePermissions.allowedToCreateSecurityGroups is false and defaultUserRolePermissions.allowedToCreateApps is true

    D. config from cloud.resource where api.name = `azure-active-directory-authorization-policy' AND json.rule = defaultUserRolePermissions.allowedToCreateSecurityGroups is true and defaultUserRolePermissions.allowedToCreateApps is true

  • Question 73:

    What is the function of the external ID when onboarding a new Amazon Web Services (AWS) account in Prisma Cloud?

    A. It is a unique identifier needed only when Monitor and Protect mode is selected.

    B. It is the resource name for the Prisma Cloud Role.

    C. It is a UUID that establishes a trust relationship between the Prisma Cloud account and the AWS account in order to extract data.

    D. It is the default name of the PrismaCloudApp stack.

  • Question 74:

    In which two ways can Prisma Cloud images be retrieved in Prisma Cloud Compute Self-Hosted Edition? (Choose two.)

    A. Pull the images from the Prisma Cloud registry without any authentication.

    B. Authenticate with Prisma Cloud registry, and then pull the images from the Prisma Cloud registry.

    C. Retrieve Prisma Cloud images using URL auth by embedding an access token.

    D. Download Prisma Cloud images from github.paloaltonetworks.com.

  • Question 75:

    An administrator has added a Cloud account on Prisma Cloud and then deleted it.

    What will happen if the deleted account is added back on Prisma Cloud within a 24-hour period?

    A. No alerts will be displayed.

    B. Existing alerts will be displayed again.

    C. New alerts will be generated.

    D. Existing alerts will be marked as resolved.

  • Question 76:

    Which three elements are part of SSH Events in Host Observations? (Choose three.)

    A. Startup process

    B. User

    C. System calls

    D. Process path

    E. Command

  • Question 77:

    Which two variables must be modified to achieve automatic remediation for identity and access management (IAM) alerts in Azure cloud? (Choose two.)

    A. API_ENDPOINT

    B. SQS_QUEUE_NAME

    C. SB_QUEUE_KEY

    D. YOUR_ACCOUNT_NUMBER

  • Question 78:

    Which two roles have access to view the Prisma Cloud policies? (Choose two.)

    A. Build AND Deploy Security

    B. Auditor

    C. Dev SecOps

    D. Defender Manager

  • Question 79:

    Which three actions are required in order to use the automated method within Azure Cloud to streamline the process of using remediation in the identity and access management (IAM) module? (Choose three.)

    A. Install boto3 and requests library.

    B. Configure IAM Azure remediation script.

    C. Integrate with Azure Service Bus.

    D. Configure IAM AWS remediation script.

    E. Install azure.servicebus and requests library.

  • Question 80:

    How often do Defenders share logs with Console?

    A. Every 10 minutes

    B. Every 30 minutes

    C. Every 1 hour

    D. Real time

Related Exams:

Tips on How to Prepare for the Exams

Nowadays, the certification exams become more and more important and required by more and more enterprises when applying for a job. But how to prepare for the exam effectively? How to prepare for the exam in a short time with less efforts? How to get a ideal result and how to find the most reliable resources? Here on Vcedump.com, you will find all the answers. Vcedump.com provide not only Palo Alto Networks exam questions, answers and explanations but also complete assistance on your exam preparation and certification application. If you are confused on your PCCSE exam preparations and Palo Alto Networks certification application, do not hesitate to visit our Vcedump.com to find your solutions here.