A DevOps lead reviewed some system logs and notices some odd behavior that could be a data exfiltration attempt. The DevOps lead only has access to vulnerability data in Prisma Cloud Compute, so the DevOps lead passes this information to SecOps. Which pages in Prisma Cloud Compute can the SecOps lead use to investigate the runtime aspects of this attack?

QuestionsCategory: PCCSEA DevOps lead reviewed some system logs and notices some odd behavior that could be a data exfiltration attempt. The DevOps lead only has access to vulnerability data in Prisma Cloud Compute, so the DevOps lead passes this information to SecOps. Which pages in Prisma Cloud Compute can the SecOps lead use to investigate the runtime aspects of this attack?
Admin Staff asked 3 months ago
A DevOps lead reviewed some system logs and notices some odd behavior that could be a data exfiltration attempt. The DevOps lead only has access to vulnerability data in Prisma Cloud Compute, so the DevOps lead passes this information to SecOps.
Which pages in Prisma Cloud Compute can the SecOps lead use to investigate the runtime aspects of this attack?

A. The SecOps lead should investigate the attack using Vulnerability Explorer and Runtime Radar.

B. The SecOps lead should use Incident Explorer and Compliance Explorer.

C. The SecOps lead should use the Incident Explorer page and Monitor > Events > Container Audits.

D. The SecOps lead should review the vulnerability scans in the CI/CD process to determine blame.








 

Suggested Answer: B

Community Answer: C

Reference:
https://docs.paloaltonetworks.com/prisma/prisma-cloud/19-11/prisma-cloud-compute-edition-admin/runtime_defense/incident_explorer.html

This question is in PCCSE Palo Alto Networks Certified Cloud Security Engineer Exam
For getting Palo Alto Networks Certified Cloud Security Engineer (PCCSE) Certificate




Disclaimers:
The website is not related to, affiliated with, endorsed or authorized by Palo Alto Networks. 
Trademarks, certification & product names are used for reference only and belong to Palo Alto Networks.
The website does not contain actual questions and answers from Palo Alto Networks's Certification Exams.

Recommended

Welcome Back!

Login to your account below

Create New Account!

Fill the forms below to register

Retrieve your password

Please enter your username or email address to reset your password.