PSE-PrismaCloud PSE Palo Alto Networks System Engineer Professional - Prisma Cloud Questions and Answers

Monitor > Compliance > Trusted Images

Monitor > Compliance > Images

Defend > Compliance > Trusted Images

Defend > Compliance > Images

through ARM Templates in the GitHub Repository

through Solution Templates in the Azure Marketplace

through Expedition in the Customer Success Portal

through Iron Skillets in the GitHub Repository

It inspects the application program interface (API) call made to public cloud and blocks the change if a policy violation is found.

It makes changes after a policy violation has been identified in monitoring.

It locks all changes to public cloud infrastructure and stops any configuration changes without prior approval.

It uses machine learning (ML) to identify unusual changes to infrastructure.

Create alert rules.

Whitelist IP addresses.

Configure User-ID.

Define enterprise settings.

Reserved IP

PIP

EIP

Floating IP

Elastic Compute Cloud (EC2) instances

Network Address Translation (NAT) gateways

CloudFront distributions

Security groups

Clone the existing policy and change the value.

Click the gear icon next to the policy name to open the "Edit Policy" dialog.

Manually create the Resource Query Language (RQL) statement.

Override the value and commit the configuration.

credential stuffing

cross-site scripting (XSS)

shoulder surfing

distributed denial of service (DDoS)

Generate a compliance report from the Compliance dashboard

Write an RQL query from the "Investigate" tab.

Configure an Inventory report from the "Alerts" tab

Open the Asset dashboard, filter on Amazon Web Services, and click "Amazon RDS" resources.

Linux, macOS, and Windows

Windows only

Linux and Windows

Linux, macOS, PAN-OS, and Windows

Use the default Vulnerability Protection Profile to protect clients from all known critical, high, and medium-severity threats

Clone the predefined Strict Profile, with packet capture settings disabled

Use the default Vulnerability Protection Profile to protect servers from all known critical, high, and medium-severity threats

Clone the predefined Strict Profile, with packet capture settings enabled

It requires Linux images to rely on optimizing registry scans due to various Linux elements.

It is only necessary in registries with tens of thousands of repositories and millions of images.

It is best practice to always optimize registry scans for faster results.

It is rarely successful in the Windows Operating System (OS).

guaranteed proof of concept (POC) extensions beyond 30 days

native integration of network, endpoint, and cloud data to stop attacks

elimination of blind spots

proactive addressing of risks

Google Cloud Platform

Microsoft Azure

Oracle Cloud

Amazon Web Services

Serial Number

CPU ID

Auth Code

License Key

UUID

consistent controls from build time to runtime

prebuilt and customizable polices to detect data such as personally identifiable information (PII) in publicly exposed objects

support for multiple languages, runtimes and frameworks

continuous monitoring of all could resources for vulnerabilities, misconfigurations, and other threats

Configure an Inventory report from the "Alerts" tab.

Write an RQL query from the "Investigate" tab.

Open the Asset dashboard, filter on Amazon Web Services, and click "Amazon RDS" resources.

Generate a compliance report from the Compliance dashboard.

Azure Resource Manager (ARM)

Hyper Text Markup Language (HTML)

GitHub

Terraform

event where crud = 'delete’ AND subject = 'user1'

event where crud = 'delete'

event where crud = 'delete' AND subject = 'user1' AND cloud.type = 'aws'

event where subject = 'user1'

10.0.1.254

10.0.2.1

10.0.3.255

10.0.3.1

Host and serverless rules support blocking, whereas container rules do not.

Rules explain the necessary actions when vulnerabilities are found in the resources of a customer environment.

Policies for containers, hosts, and serverless functions are not separate.

Rules are evaluated in an undefined order.

Cortex Data Lake

Cloud Storage buckets

Prisma Access Gateways

Compute Engine instance

The thresholds can be set to informational, low, medium, high, and critical.

The alert threshold always has precedence over, and can be greater than, the block threshold.

The block threshold must always be equal to or greater than the alert threshold.

The block threshold always has precedence over, and can be less than, the alert threshold.

Microsoft Azure

Alibaba Cloud

Amazon Web Services

Oracle Cloud

run the PAN-OS CLI command: set system mgmt-interface-swap enable yes

run the PAN-OS CLI command: set system mgmt-interface-swap setting enable yes

create a bootstrap file that includes the mgmt-interface-swap command

in the Google Cloud Console Metadata Field, enter a key-value pair where mgmt-interface-swap is the key and enable is the value

self-managed in a customer's own container platform

self-contained hardware appliance

as a stand-alone Windows application

Cloud-hosted as part of a Prisma Cloud Enterprise tenant from Palo Alto Networks

network flow logs

list of all database instances' tables

metadata about compute resources' configuration

Cortex Data Lake

config

alert

event

data

*.acme.com

acme/*

acme.com/myrepo/allimages:/*

registry.acme.com/*