Prisma Cloud supports sending audit event records to which three targets? (Choose three.)
Answer : B, C, D
A customer's Security Operations Center (SOC) team wants to receive alerts from Prisma Cloud via email once a day about all policies that have a violation, rather than receiving an alert every time a new violation occurs.
Which alert rule configuration meets this requirement?
Answer : D
To receive daily email alerts for all policy violations, the SOC team should configure an alert rule that encompasses all policies and sets the notification frequency to once per day. This can be achieved by:
Navigating to the "Policies" tab within the alert rule configuration and selecting "All Policies" to ensure that the rule applies to every policy.
Moving to the "Set Alert Notifications" tab and choosing the "Email" notification method.
Setting the notification to "Recurring" with a frequency of every 1 day.
Enabling the email notification by specifying the recipient's email address.
This configuration ensures that the SOC team will receive a consolidated email once a day that includes information on all policies that have been violated, rather than receiving multiple alerts throughout the day as new violations occur. It allows the team to review the compliance status efficiently and prioritize their response accordingly.
Where can a user submit an external new feature request?
Answer : A
https://prismacloud.ideas.aha.io/ideas
To submit an external new feature request for Prisma Cloud, users can utilize the Aha platform. By accessing the Palo Alto Networks Aha portal, users can submit their feature requests, suggest enhancements, and contribute to shaping the future of Prisma Cloud. Aha provides a structured way to collect and prioritize customer feedback, ensuring that valuable insights reach the product development teams.
Which of the following is a reason for alert dismissal?
Answer : C
In Prisma Cloud, POLICY_UPDATED is a valid reason for the dismissal of an alert. This reason indicates that an alert can be dismissed if the policy that triggered the alert has been updated. When a policy is updated to no longer apply to certain resources or conditions, any open alerts that were generated based on the previous version of the policy may be dismissed as they are no longer relevant.
The other options, such as SNOOZED_AUTO_CLOSE, ALERT_RULE_ADDED, and USER_DELETED, are not standard reasons for the dismissal of an alert in Prisma Cloud. SNOOZED_AUTO_CLOSE refers to the temporary suspension of an alert, ALERT_RULE_ADDED is related to the creation of a new alert rule, and USER_DELETED would pertain to the removal of a user account, not directly to alert dismissal.
Which two statements explain differences between build and run config policies? (Choose two.)
Answer : B, D
Run and Network policies (A) are indeed part of the configuration policy set, but they do not highlight the difference between build and run policies. Similarly, while Run policies do monitor network activities, this statement does not contrast them with Build policies.