Spring Sale Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: scxmas70

CloudSec-Pro Exam Dumps - Palo Alto Networks Cloud Security Professional

Searching for workable clues to ace the Paloalto Networks CloudSec-Pro Exam? You’re on the right place! ExamCert has realistic, trusted and authentic exam prep tools to help you achieve your desired credential. ExamCert’s CloudSec-Pro PDF Study Guide, Testing Engine and Exam Dumps follow a reliable exam preparation strategy, providing you the most relevant and updated study material that is crafted in an easy to learn format of questions and answers. ExamCert’s study tools aim at simplifying all complex and confusing concepts of the exam and introduce you to the real exam scenario and practice it with the help of its testing engine and real exam dumps

Go to page:
Question # 17

A security team has been asked to create a custom policy.

Which two methods can the team use to accomplish this goal? (Choose two.)

A.

add a new policy

B.

clone an existing policy

C.

disable an out-of-the-box policy

D.

edit the query in the out-of-the-box policy

Full Access
Question # 18

Which IAM RQL query would correctly generate an output to view users who enabled console access with both access keys and passwords?

A.

config from network where api.name = ‘aws-iam-get-credential-report’ AND json.rule = cert_1_active is true or cert_2_active is true and password_enabled equals "true"

B.

config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is true or access_key_2_active is true and password_enabled equals "true"

C.

config from cloud.resource where api.name = 'aws-iam-get-credential-report’ AND json.rule = access_key_1_active is false or access_key_2_active is true and password_enabled equals "*"

D.

config where api.name = ‘aws-iam-get-credential-report' AND json.rule= access_key_1_active is true or access_key_2_active is true and password_enabled equals “true”

Full Access
Question # 19

A customer wants to scan a serverless function as part of a build process. Which twistcli command can be used to scan serverless functions?

A.

twistcli function scan

B.

twistcli scan serverless

C.

twistcli serverless AWS

D.

twiscli serverless scan

Full Access
Question # 20

What should be used to associate Prisma Cloud policies with compliance frameworks?

A.

Compliance

B.

Custom compliance

C.

Alert rules

D.

Policies

Full Access
Question # 21

Which two proper agentless scanning modes are supported with Prisma Cloud? (Choose two).

A.

Spoke Account Mode

B.

Hub Account Mode

C.

Same Account Mode

D.

Main Account Mode

Full Access
Question # 22

What are the two ways to scope a CI policy for image scanning? (Choose two.)

A.

container name

B.

image name

C.

hostname

D.

image labels

Full Access
Question # 23

An administrator has deployed Console into a Kubernetes cluster running in AWS. The administrator also has configured a load balancer in TCP passthrough mode to listen on the same ports as the default Prisma Compute Console configuration.

In the build pipeline, the administrator wants twistcli to talk to Console over HTTPS. Which port will twistcli need to use to access the Prisma Compute APIs?

A.

8084

B.

443

C.

8083

D.

8081

Full Access
Question # 24

Based on the following information, which RQL query will satisfy the requirement to identify VM hosts deployed to organization public cloud environments exposed to network traffic from the internet and affected by Text4Shell RCE (CVE-2022-42889) vulnerability?

• Network flow logs from all virtual private cloud (VPC) subnets are ingested to the Prisma Cloud Enterprise Edition tenant.

• All virtual machines (VMs) have Prisma Cloud Defender deployed.

A)

B)

C)

D)

A.

Option A

B.

Option B

C.

Option C

D.

Option D

Full Access
Go to page: