Is this exam completely free?

Examcademy offers a free preview for every exam, covering around 20% of the total questions. Full access is available with a paid upgrade.

Can I practice IT certification exams from Microsoft, AWS, or CompTIA?

Yes! Examcademy supports a wide range of IT certification exams including Microsoft Azure, AWS Cloud Practitioner, and CompTIA A+ and Security+.

How accurate are the mock exams?

Our mock exams are built and reviewed with the help of AI and community contributions, staying aligned with real-world exam objectives.

PSE-Prisma CloudFree trial

By palo-alto-networks

Verified

25Q per page

Question 1

Which two cloud-native providers are supported by Prisma Cloud? (Choose two.)

A: DigitalOcean
B: Azure
C: IBM Cloud
D: Oracle Cloud

—

Question 2

How does Prisma Cloud Enterprise autoremediate unwanted violations to public cloud infrastructure?

A: It inspects the application program interface (API) call made to public cloud and blocks the change if a policy violation is found.
B: It makes changes after a policy violation has been identified in monitoring.
C: It locks all changes to public cloud infrastructure and stops any configuration changes without prior approval.
D: It uses machine learning (ML) to identify unusual changes to infrastructure.

—

Question 3

Which framework in Prisma Cloud can be used to provide general best practices when no specific legal requirements or regulatory standards need to be met?

A: Payment Card Industry (PCI) Data Security Standard (DSS) V3
B: Health Insurance Portability and Accountability Act (HIPAA)
C: Center for Internet Security (CIS) Benchmark
D: General Data Protection Regulation (GDPR)

—

Question 4

Which pattern syntax will add all images to a trusted images rule within a registry?

A: *.acme.com
B: acme/*
C: acme.com/myrepo/allimages:/*
D: registry.acme.com/*

—

Question 5

Which Resource Query Language (RQL) query monitors all "delete" activities for the user "user1"?

A: event where crud = 'delete' AND subject = 'user1'
B: event where crud = 'delete'
C: event where crud = 'delete' AND subject = 'user1' AND cloud.type = 'aws'
D: event where subject = 'user1'

—

Question 6

Which type of Resource Query Language (RQL) query is used to create a custom policy that looks for untagged resources?

A: config
B: alert
C: event
D: data

—

Question 7

Which two data sources are ingested by Prisma Cloud? (Choose two.)

A: network flow logs
B: list of all database instances' tables
C: metadata about compute resources' configuration
D: Cortex Data Lake

—

Question 8

Which Resource Query Language (RQL) query type monitors specific administrator activities?

A: Event
B: Network
C: User
D: Config

—

Question 9

Which Resource Query Language (RQL) string searches for all Elastic Block Store (EBS) volumes that do not have a "DataClassification" tag?

A: config cloud.resource from api.name = 'aws-ec2-describe-volumes' AND json.rule = tags[*].key exists
B: config cloud.resource from api.name = 'aws-ec2-describe-volumes' AND json.rule = tags[*].key = 1
C: config cloud.resource from api.name = 'aws-ec2-describe-volumes' AND json.rule = tags[*].key contains DataClassification
D: config cloud.resource from api.name = 'aws-ec2-describe-volumes' AND json.rule = tags[*].key does not contain DataClassification

—

Question 10

Which Resource Query Language (RQL) string using network query attributes returns all traffic destined for Internet or Suspicious IPs, what also exceed 1GB?

A: network from vpc.flow_record where publicnetwork = ( 'Internet IPs', 'Suspicious IPs' ) AND bytes > 1000000000
B: network from vpc.flow_record where bytes > 1GB and destination = 'Internet IPs' OR 'Suspicious IPs'
C: show traffic from vpc.flow_record where destination.network = ( 'Internet IPs', 'Suspicious IPs' ) AND bytes > 1000000000
D: network from vpc.flow_record where dest.publicnetwork IN ( 'Internet IPs', 'Suspicious IPs' ) AND bytes > 1000000000

—

Question 11

Which Resource Query Language (RQL) query monitors all traffic from the internet and suspicious internet protocols (IPs) destined for Amazon Web Services (AWS) databases?

A: network from vpc.flow_record where dest.resource IN ( resource where role = 'Database')
B: network from vpc.flow_record where source.publicnetworк IN ( 'Suspicious IPs' , 'Internet IPs' ) and dest.resource IN ( resource where role IN ( 'LDAP' ) )
C: network from vpc.flow_record where source. publicr.etwork IN ( 'Suspicious IPs' ) and dest.resource IN ( resource where role IN ( 'AWS RDS' , 'Database' ) )
D: network from vpc.flow_record where source.publicnetwork IN ( 'Suspicious IPs' , 'Internet IPs' ) and dest.resource IN ( resource where role IN ( 'AWS RDS' , 'Database' ) )

—

Question 12

An image containing medium vulnerabilities that do not have available fixes is being deployed into the sock-shop namespace. Prisma Cloud has been configured for vulnerability management within the organization's continuous integration (CI) tool and registry.
What will occur during the attempt to deploy this image from the CI tool into the sock-shop namespace?

A: The image will pass the CI policy, but will be blocked by the deployed policy; therefore, it will not be deployed.
B: The CI policy will fail the build; therefore, the image will not be deployed.
C: The image will be deployed successfully, and all vulnerabilities will be reported.
D: The image will be deployed successfully, but no vulnerabilities will be reported.

—

Question 13

A Prisma Cloud Administrator has been asked to create a custom policy which notifies the InfoSec team each time a configuration range is made to a Security group.
Which type of Resource Query Language (RQL) query would be used in this policy?

A: audit from
B: network from
C: event from
D: config from

—

That’s the end of your free questions

You’ve reached the preview limit for PSE-Prisma Cloud

Consider upgrading to gain full access!

Page 1 of 3 • Questions 1-25 of 65

1 2 3

→

Free preview mode

Enjoy the free questions and consider upgrading to gain full access!