PSE-PrismaCloud PSE Palo Alto Networks System Engineer Professional - Prisma Cloud Questions and Answers

Create an RQL config query to identify resources with the tag "Private."

Create an RQL network query to identify traffic from resources tagged "Private."

Open the Asset Dashboard, filter on tags: and choose "Private."

Generate a CIS compliance report and review the "Asset Summary."

network

audit

anomaly

config

It inspects the application program interface (API) call made to public cloud and blocks the change if a policy violation is found.

It makes changes after a policy violation has been identified in monitoring.

It locks all changes to public cloud infrastructure and stops any configuration changes without prior approval.

It uses machine learning (ML) to identify unusual changes to infrastructure.

The thresholds can be set to informational, low, medium, high, and critical.

The alert threshold always has precedence over, and can be greater than, the block threshold.

The block threshold must always be equal to or greater than the alert threshold.

The block threshold always has precedence over, and can be less than, the alert threshold.

Clone the existing policy and change the value.

Click the gear icon next to the policy name to open the "Edit Policy" dialog.

Manually create the Resource Query Language (RQL) statement.

Override the value and commit the configuration.

Anomaly

Audit Event

Configuration

Network

Reserved IP

PIP

EIP

Floating IP

local scripts to public cloud APIs

remote function calls to host agents

third-party integration tools

public cloud CLI commands

Shield

Inspector

GuardDuty

Amazon Web Services WAF

Host and serverless rules support blocking, whereas container rules do not.

Rules explain the necessary actions when vulnerabilities are found in the resources of a customer environment.

Policies for containers, hosts, and serverless functions are not separate.

Rules are evaluated in an undefined order.

VM-100 BYOL on Microsoft Azure to VM-100 BYOL on Amazon Web Services

VM-300 BYOL on Microsoft Azure to VM-300 PAY6 on Amazon Web Services

VM-100 BYOL on Microsoft Azure to VM-300 BYOL on Microsoft Azure

VM-100 BYOL on Microsoft Azure to VM-300 PAYG on Amazon Web Services

VM-GCP

VM-100

VM-500

VM-300

Azure Application Insight

Resource Group

Azure Security Center

Bootstrapping

ARM Template

The image will pass the CI policy, but will be blocked by the deployed policy; therefore, it will not be deployed.

The CI policy will fail the build; therefore, the image will not be deployed.

The image will be deployed successfully, and all vulnerabilities will be reported.

The image will be deployed successfully, but no vulnerabilities will be reported.

Generate a Center for Internet Security (CIS) compliance report and search for "Amazon RDS" policy violations.

View the alert data on the "Asset Inventory" dashboard and filter on "Amazon RDS.

Within the "Alerts" tab. filter on "Amazon RDS" as a service.

Create a custom Resource Query Language (RQL) configuration report.

hose from

network from

system from

event from

registry path for image name

password

console address

username

Internet Gateway

Transit Gateway

Virtual Private Gateway

Customer Gateway

compliance where

network where

user where

config where

event where

Changes will take effect after a new learning phase of 30 days.

System will perform a reboot, deleting all past alerts.

Existing alerts and new alerts are regenerated based on the new setting.

New alerts are generated based on the new setting.

config where api.name = 'azure-vm-list' AND json.rule = powerState = "off'

config where api.name = 'azure-vm-list' AND json.rule = powerState does not contain "running"

config where api.name = 'azure-vm-list' AND json.rule = powerState = "running"

config where api.name = 'azure-vm-list' AND json.rule = powerState contains "running"

Configure an Inventory report from the "Alerts" tab.

Write an RQL query from the "Investigate" tab.

Open the Asset dashboard, filter on Amazon Web Services, and click "Amazon RDS" resources.

Generate a compliance report from the Compliance dashboard.

Create alert rules.

Whitelist IP addresses.

Configure User-ID.

Define enterprise settings.

*.acme.com

acme/*

acme.com/myrepo/allimages:/*

registry.acme.com/*

4

5

3

1

Google Kubernetes Engine

BigQuery

Compute Engine

App Engine

Google Virtual Private Cloud

Microsoft Azure

Alibaba Cloud

Oracle Cloud

Amazon Web Services

issue yum update command on an instance inside Amazon Web Services

Microsoft Windows inside Azure requesting a security patch

web server inside Amazon Web Services receiving web requests from internet

issue apt-get install command on an instance inside Amazon Web Services

outgoing Prisma Public Cloud API calls

through ARM Templates in the GitHub Repository

through Solution Templates in the Azure Marketplace

through Expedition in the Customer Success Portal

through Iron Skillets in the GitHub Repository

repo

trusted publisher

registry

base layer