100%有保障的CloudSec-Pro認證指南,最好的學習資料幫助妳快速通過CloudSec-Pro考試如果你參加Palo Alto Networks CloudSec-Pro認證考試,你選擇PDFExamDumps就是選擇成功!祝你好運。 最新的 Cloud Security Engineer CloudSec-Pro 免費考試真題 (Q149-Q154):問題 #149
A user from an organization is unable to log in to Prisma Cloud Console after having logged in the previous day.
Which area on the Console will provide input on this issue?
A. SSO
B. Audit Logs
C. Access Control
D. Users & Groups
答案:B
解題說明:
In the event a user is unable to log in to the Prisma Cloud Console, Audit Logs serve as a critical area for investigating the issue. Audit Logs provide a detailed record of activities, including login attempts, within the Prisma Cloud environment. By examining the Audit Logs, administrators can identify failed login attempts, understand the reasons behind login failures (e.g., incorrect credentials, account lockouts, or access policy changes), and take appropriate actions to resolve the login issues, ensuring users can access the console as expected.
問題 #150
Which step should a SecOps engineer implement in order to create a network exposure policy that identifies instances accessible from any untrusted internet sources?
A. In Policy Section-> Add Policy-> Network type -> Define Policy details Like Name.Severity-> Configure RQL query "config from network where source.network = UNTRUSTJNTERNET and dest.resource.type = 'Instance' and dest.cloud.type = 'AWS'" -> Define recommendation for remediation & save.
B. In Policy Section-> Add Policy-> Network type -> Define Policy details Like Name.Severity-> Configure RQL query "network from vpc.flow_record where source.publicnetwork IN ('Suspicious IPs', 'Internet IPs') and dest.resource IN (resource where role IN ('Instance ))" -> define compliance standard -> Define recommendation for remediation & save.
C. In Policy Section-> Add Policy-> Network type -> Define Policy details Like Name.Severity-> Configure RQL query "network from vpc.flow_record where source.publicnetwork IN ('Suspicious IPs', 'Internet IPs') and dest.resource IN (resource where role IN ( Instance ))" -> define compliance standard -> Define recommendation for remediation & save.
D. In Policy Section-> Add Policy-> Config type -> Define Policy details Like Name,Severity-> Configure RQL query "config from network where source.network = UNTRUSTJNTERNET and dest.
resource.type = 'Instance' and dest.cloud.type = 'AWS*" -> define compliance standard -> Define recommendation for remediation & save.
答案:D
解題說明:
To create a network exposure policy that identifies instances accessible from any untrusted internet sources, a SecOps engineer would need to navigate to the Policy section within Prisma Cloud and add a new policy of the Config type. They would define the details of the policy such as the name and severity level and then configure the RQL query to specify conditions that match instances accessible from untrusted internet sources. The RQL query provided in the answer specifies that the source of the network traffic should be from an untrusted internet and that the destination resource should be an instance in the AWS cloud. After defining the compliance standards and providing recommendations for remediation, the policy can be saved to be enforced within the environment.
問題 #151
What will happen when a Prisma Cloud Administrator has configured agentless scanning in an environment that also has Host and Container Defenders deployed?
A. Agentless scans do not conflict with Defender scans, so both will run.
B. Agentless scan will automatically be disabled, so Defender scans are the only scans occurring.
C. Defender scans will automatically be disabled, so agentless scans are the only scans occurring.
D. Both agentless and Defender scans will be disabled and an error message will be received.
答案:A
解題說明:
In a Prisma Cloud environment where both agentless scanning and Defender-based scans (Host and Container Defenders) are configured, there is no inherent conflict between these two scanning methods. Both agentless scans and Defender scans are designed to complement each other, providing comprehensive coverage and depth in the security analysis of the environment. Agentless scans offer a broad, less intrusive overview, while Defender scans provide deep, detailed insights into the security posture. Therefore, both types of scans will run concurrently, enhancing the overall security visibility and protection of the environment without disabling or interfering with each other's operations.
The agentless scanning architecture lets you inspect a host and the container images in that host without having to install an agent or affecting its execution. https://docs.paloaltonetworks.com/prisma/prisma-cloud
/prisma-cloud-admin-compute/agentless-scanning/onboard-accounts
問題 #152
Which three steps are involved in onboarding an account for Data Security? (Choose three.)
A. Enter the RoleARN and SNSARN
B. Enable Flow Logs
C. Create a read-only role with in-line policies
D. Create a Cloudtrail with SNS Topic
E. Create a S3 bucket
答案:A,D,E
解題說明:
Onboarding an account for Data Security involves several critical steps to ensure comprehensive coverage and effective monitoring. The steps involved include B. Create a Cloudtrail with SNS Topic to track and manage API calls and relevant notifications, D. Enter the RoleARN and SNSARN to provide necessary access and integration points for data security functions, and E. Create a S3 bucket which serves as a storage solution for logging and data capture essential for security analysis.
問題 #153
What are two key requirements for integrating Okta with Prisma Cloud when multiple Amazon Web Services (AWS) cloud accounts are being used? (Choose two.)
A. A valid subscription for the IAM security module