Free Palo Alto Networks PCCSE Exam Actual Questions

The questions for PCCSE were last updated On Nov 8, 2024

Question No. 1

A customer has a requirement to scan serverless functions for vulnerabilities.

Which three settings are required to configure serverless scanning? (Choose three.)

Show Answer Hide Answer
Correct Answer: B, C, E

To configure serverless scanning in a cloud security platform like Prisma Cloud, the system needs to know where (Region) the serverless functions are deployed, how to access them (Credential), and on which cloud platform they are running (Provider). These settings ensure that the scanning tool can accurately locate and authenticate to the serverless functions across different cloud environments for vulnerability assessment. This aligns with the principle of providing comprehensive visibility and consistent security across multi-cloud environments as outlined in the 'Guide to Cloud Security Posture Management Tools' document.


Question No. 2

Which two elements are included in the audit trail section of the asset detail view? (Choose two).

Show Answer Hide Answer
Correct Answer: A, D

The audit trail section of an asset's detail view in Prisma Cloud typically includes a log of configuration changes and alert and vulnerability events associated with the asset. These elements are crucial for tracking the history of modifications to an asset's configuration and the security incidents that have affected it. This information is instrumental in understanding the security posture of the asset over time and in conducting thorough investigations after a security event has been detected.


Question No. 3

Given the following RQL:

Which audit event snippet is identified by the RQL?

A)

B)

C)

D)

Show Answer Hide Answer
Correct Answer: B

Question No. 4

Which of the following are correct statements regarding the use of access keys? (Choose two.)

Show Answer Hide Answer
Correct Answer: B, D

Regarding the use of access keys, it is correct that up to two access keys can be active at any time for a single IAM user in AWS, and access keys are used for programmatic API calls to AWS services. This allows for rotation of keys without immediate invalidation of the old key and ensures secure access to AWS services via APIs.


Question No. 5

Which RQL query will help create a custom identity and access management (1AM) policy to alert on Lambda functions that have permission to terminate EC2 instances?

Show Answer Hide Answer
Correct Answer: D