PCCSE Free Practice Test

Review this admission control policy:
match[{"msg": msg}] { input.request.operation == "CREATE" input.request.kind.kind == "Pod" input.request.resource.resource == "pods"
input.request.object.spec.containers[_].securityContext.privileged msg := "Privileged"
}
Which response to this policy will be achieved when the effect is set to “block”?

1. A. The policy will block all pods on a Privileged host.
2. B. The policy will replace Defender with a privileged Defender.
3. C. The policy will alert only the administrator when a privileged pod is created.
4. D. The policy will block the creation of a privileged pod.

Correct Answer: C

The administrator wants to review the Console audit logs from within the Console.
Which page in the Console should the administrator use to review this data, if it can be reviewed at all?

1. A. Navigate to Monitor > Events > Host Log Inspection
2. B. The audit logs can be viewed only externally to the Console
3. C. Navigate to Manage > Defenders > View Logs
4. D. Navigate to Manage > View Logs > History

Correct Answer: D

The Prisma Cloud administrator has configured a new policy.
Which steps should be used to assign this policy to a compliance standard?

1. A. Edit the policy, go to step 3 (Compliance Standards), click + at the bottom, select the compliance standard, fill in the other boxes, and then click Confirm.
2. B. Create the Compliance Standard from Compliance tab, and then select Add to Policy.
3. C. Open the Compliance Standards section of the policy, and then save.
4. D. Custom policies cannot be added to existing standards.

Correct Answer: B

The development team wants to fail CI jobs where a specific CVE is contained within the image. How should the development team configure the pipeline or policy to produce this outcome?

1. A. Set the specific CVE exception as an option in Jenkins or twistcli.
2. B. Set the specific CVE exception as an option in Defender running the scan.
3. C. Set the specific CVE exception as an option using the magic string in the Console.
4. D. Set the specific CVE exception in Console’s CI policy.

Correct Answer: C

Which component(s), if any, will Palo Alto Networks host and run when a customer purchases Prisma Cloud Enterprise Edition?

1. A. Defenders
2. B. Console
3. C. Jenkins
4. D. twistcli

Correct Answer: B