A customer wants to turn on Auto Remediation.

Which policy type has the built-in CLI command for remediation?

Given a default deployment of Console, a customer needs to identify the alerted compliance checks that are set by default.

Where should the customer navigate in Console?

Order the steps involved in onboarding an AWS Account for use with Data Security feature.

A customer is deploying Defenders to a Fargate environment. It wants to understand the vulnerabilities in the image it is deploying.

How should the customer automate vulnerability scanning for images deployed to Fargate?

The development team wants to fail CI jobs where a specific CVE is contained within the image. How should the development team configure the pipeline or policy to produce this outcome?

During the Learning phase of the Container Runtime Model, Prisma Cloud enters a “dry run” period for how many hours?

Which three types of runtime rules can be created? (Choose three.)

The Compute Console has recently been upgraded, and the administrator plans to delay upgrading the Defenders and the Twistcli tool until some of the team’s resources have been rescaled. The Console is currently one major release ahead.

What will happen as a result of the Console upgrade?

Which two statements are true about the differences between build and run config policies? (Choose two.)

You are tasked with configuring a Prisma Cloud build policy for Terraform. What type of query is necessary to complete this policy?

Which method should be used to authenticate to Prisma Cloud Enterprise programmatically?

One of the resources on the network has triggered an alert for a Default Config policy.

Given the following resource JSON snippet:

Which RQL detected the vulnerability?

A)

B)

C)

D)

What are the two ways to scope a CI policy for image scanning? (Choose two.)

A customer has configured the JIT, and the user created by the process is trying to log in to the Prisma Cloud console. The user encounters the following error message:

What is the reason for the error message?

An administrator sees that a runtime audit has been generated for a host. The audit message is:

“Service postfix attempted to obtain capability SHELL by executing /bin/sh /usr/libexec/postfix/postfix- script.stop. Low severity audit, event is automatically added to the runtime model”

Which runtime host policy rule is the root cause for this runtime audit?

Which two variables must be modified to achieve automatic remediation for identity and access management (IAM) alerts in Azure cloud? (Choose two.)

The development team is building pods to host a web front end, and they want to protect these pods with an application firewall.

Which type of policy should be created to protect this pod from Layer7 attacks?

An administrator sees that a runtime audit has been generated for a container.

The audit message is:

“/bin/ls launched and is explicitly blocked in the runtime rule. Full command: ls -latr”

Which protection in the runtime rule would cause this audit?

Move the steps to the correct order to set up and execute a serverless scan using AWS DevOps.

What is an automatically correlated set of individual events generated by the firewall and runtime sensors to identify unfolding attacks?

Console is running in a Kubernetes cluster, and you need to deploy Defenders on nodes within this cluster.

Which option shows the steps to deploy the Defenders in Kubernetes using the default Console service name?

Which three elements are part of SSH Events in Host Observations? (Choose three.)

An administrator needs to detect and alert on any activities performed by a root account.

Which policy type should be used?

An administrator sees that a runtime audit has been generated for a Container. The audit message is “DNS resolution of suspicious name wikipedia.com. type A”.

Why would this message appear as an audit?

The InfoSec team wants to be notified via email each time a Security Group is misconfigured. Which Prisma Cloud tab should you choose to complete this request?

Which two IDE plugins are supported by Prisma Cloud as part of its DevOps Security? (Choose two.)