NO.102 Match the service on the right that evaluates each exposure type on the left.
(Select your answer from the pull-down list. Answers may be used more than once or not at all.)

NO.103 Which two variables must be modified to achieve automatic remediation for identity and access management (IAM) alerts in Azure cloud? (Choose two.)

NO.104 Which type of compliance check is available for rules under Defend > Compliance > Containers and Images
> CI?

NO.105 Which “kind” of Kubernetes object is configured to ensure that Defender is acting as the admission controller?

NO.106 An administrator has been tasked with a requirement by your DevSecOps team to write a script to continuously query programmatically the existing users, and the user’s associated permission levels, in a Prisma Cloud Enterprise tenant.
Which public documentation location should be reviewed to help determine the required attributes to carry out this step?

NO.107 Which role does Prisma Cloud play when configuring SSO?

NO.108 Which command should be used in the Prisma Cloud twistcli tool to scan the nginx:latest image for vulnerabilities and compliance issues?
A)
B)

C)

D)

NO.109 Per security requirements, an administrator needs to provide a list of people who are receiving e-mails for Prisma Cloud alerts.
Where can the administrator locate this list of e-mail recipients?

NO.110 An S3 bucket within AWS has generated an alert by violating the Prisma Cloud Default policy “AWS S3 buckets are accessible to public”. The policy definition follows:
config where cloud.type = ‘aws’ AND api.name=’aws-s3api-get-bucket-acl’ AND json.rule=”((((acl.grants[?
(@.grantee==’AllUsers’)] size > 0) or policyStatus.isPublic is true) and publicAccessBlockConfiguration does not exist) or ((acl.grants[?(@.grantee==’AllUsers’)] size > 0) and publicAccessBlockConfiguration.ignorePublicAcis is false) or (policyStatus.isPublic is true and publicAccessBlockConfiguration.restrictPublicBuckets is false)) and websiteConfiguration does not exist” Why did this alert get generated?

NO.111 Which three steps are involved in onboarding an account for Data Security? (Choose three.)

NO.112 Which three types of runtime rules can be created? (Choose three.)

NO.113 Given this information:
The Console is located at https://prisma-console.mydomain.local The username is: cluster The password is: password123 The image to scan is: myimage:latest Which twistcli command should be used to scan a Container for vulnerabilities and display the details about each vulnerability?

NO.114 The Unusual protocol activity (Internal) network anomaly is generating too many alerts. An administrator has been asked to tune it to the option that will generate the least number of events without disabling it entirely.
Which strategy should the administrator use to achieve this goal?

NO.115 In Prisma Cloud Software Release 22.06 (Kepler), which Registry type is added?

NO.116 A customer has a requirement to terminate any Container from image topSecret:latest when a process named ransomWare is executed.
How should the administrator configure Prisma Cloud Compute to satisfy this requirement?

NO.117 Which ROL query is used to detect certain high-risk activities executed by a root user in AWS?

NO.118 Console is running in a Kubernetes cluster, and you need to deploy Defenders on nodes within this cluster.
Which option shows the steps to deploy the Defenders in Kubernetes using the default Console service name?

NO.119 Which alerts are fixed by enablement of automated remediation?

NO.120 Which statement accurately characterizes SSO Integration on Prisma Cloud?

NO.121 A customer is reviewing Container audits, and an audit has identified a cryptominer attack. Which three options could have generated this audit? (Choose three.)

NO.122 Which component(s), if any, will Palo Alto Networks host and run when a customer purchases Prisma Cloud Enterprise Edition?

NO.123 Which Prisma Cloud policy type can protect against malware?

NO.124 You are an existing customer of Prisma Cloud Enterprise. You want to onboard a public cloud account and immediately see all of the alerts associated with this account based off ALL of your tenant’s existing enabled policies. There is no requirement to send alerts from this account to a downstream application at this time.
Which options shows the steps required during the alert rule creation process to achieve this objective?

NO.125 Given a default deployment of Console, a customer needs to identify the alerted compliance checks that are set by default Where should the customer navigate in Console?

NO.126 A security team is deploying Cloud Native Application Firewall (CNAF) on a containerized web application. The application is running an NGINX container. The container is listening on port 8080 and is mapped to host port 80.
Which port should the team specify in the CNAF rule to protect the application?