(PCCSE) Prisma Certified Cloud Security Engineer Exam Test

via Udemy

Go to Course: https://www.udemy.com/course/pccse-prisma-certified-cloud-security-engineer-exam-test/

Overview

Welcome to Exam Prisma Certified Cloud Security Engineer Exam (Verified QA)The Palo Alto Networks Certified Cloud Security Engineer (PCCSE) certification validates the knowledge, skills, and abilities required to onboard, deploy, and administer all aspects of Prisma Cloud. PCCSE covers Prisma Cloud, Prisma Cloud Enterprise, and Prisma Cloud Compute. It showcases an individual's knowledge of the Prisma Cloud platform applications, data, and the entire cloud native technology stack-throughout the development lifecycle and across multi- and hybrid cloud environments.Exam Domain Objective:-Domain 1 Cloud Security Posture Management (CSPM) Task 1.1 Identify assets in a Cloud account1.1.1 Inventory of resources in a cloud account1.1.2 Resource configuration history1.1.3 Asset configuration changesTask 1.2 Configure policies1.2.1 Custom policies1.2.2 Policy types1.2.3 Supported variables within configuration-run custom policiesTask 1.3 Configure compliance standards1.3.1 Standards1.3.2 ReportsTask 1.4 Configure alerting and notifications1.4.1 Alert states1.4.2 Alert rules1.4.3 Alert notifications and reports1.4.4 Alert workflowTask 1.5 Use third-party integrations1.5.1 Inbound and outbound notificationsTask 1.6 Perform ad hoc investigations1.6.1 Resource configuration with RQL1.6.2 User activity using RQL1.6.3 Network activity using RQL1.6.4 Anomalous user events1.6.5 Asset details using RQLTask 1.7 Remediate alerts1.7.1 Auto-remediation1.7.2 Manual versus automated remediationTask 1.8 Use SecOps Dashboard1.8.1 Internet-connected assets by source network traffic behavior1.8.2 ComponentsDomain 2 Cloud Workload Protection (CWP) Task 2.1 Monitor and defend against image vulnerabilities2.1.1 Options available in the Monitor section2.1.2 Options available in the Policies sectionTask 2.2 Monitor and defend against host vulnerabilities2.2.1 Options available in the Monitor section2.2.2 Options available in the Policies sectionTask 2.3 Monitor and enforce image/container compliance2.3.1 Options available in the Monitor section2.3.2 Options available in the Policies sectionTask 2.4 Monitor and enforce host compliance2.4.1 Options available in the Monitor section2.4.2 Options available in the Policies sectionTask 2.5 Monitor and defend containers and hosts during runtime2.5.1 Container models2.5.2 Host observations2.5.3 Runtime policies2.5.4 Runtime audits2.5.5 Incidents using Incident ExplorerTask 2.6 Monitor and protect against serverless vulnerabilities2.6.1 Monitor2.6.2 Policy2.6.3 Auto-protectTask 2.7 Configure WAAS2.7.1 Application specifications2.7.2 API methods2.7.3 Rest API endpoints2.7.4 DoS protection2.7.5 Access control to Limit inbound sources2.7.6 Network lists2.7.7 Access control to enforce HTTP headers and file uploads2.7.8 Bot protection2.7.9 Rules2.7.10 Audit logsTask 2.8 Monitor and protect registries2.8.1 Scanning2.8.2 CIDomain 3 Install, Upgrade, and Backup / Prisma Cloud Administration Task 3.1 Deploy and manage Console for the Compute Edition3.1.1 Prisma Cloud release software3.1.2 Console in Onebox configuration3.1.3 Upgrade on Console3.1.4 Business use case to determine Prisma Cloud version to use3.1.5 Tenant versus Scale projectsTask 3.2 Deploy and manage defenders3.2.1 Types3.2.2 Networking for Defender-To-Console connectivity3.2.3 Upgrade and CompatibilityTask 3.3 Configure Agentless Security3.3.1 Agent versus Agentless3.3.2 Cloud discoveryTask 3.4 Backup and restore Console3.4.1 Backup management3.4.2 Disaster recoveryTask 3.5 Manage authentication3.5.1 Certificates3.5.2 Secrets and credentials storeTask 3.6 Onboard accounts3.6.1 Onboard cloud accounts3.6.2 Account GroupsTask 3.7 Configure access control3.7.1 Users, roles, and permission groups3.7.2 Access control troubleshooting3.7.3 Service accounts and access keys3.7.4 Single Sign On3.7.5 Role-based access control for Docker Engine (CWP)3.7.6 Admission control with Open Policy Agent (CWP3.7.7 Resource lists and collectionsTask 3.8 Configure logging3.8.1 Audit logging3.8.2 Defender loggingTask 3.9 Manage enterprise settings3.9.1 Anomaly settings3.9.2 Idle timeout3.9.3 Auto-enable policies3.9.4 Alert dismissal reason3.9.5 User attribution3.9.6 Licensing3.9.7 Access key maximum validityTask 3.10 Configure third-party integrations3.10.1 Inbound and outbound notifications3.10.2 Supported capabilitiesTask 3.11 Leverage Cloud and Compute APIs3.11.1 Authenticate with APIs3.11.2 API documentation3.11.3 Policies and custom queries by API3.11.4 Alerts and Reports using APIs3.11.5 Vulnerability results via API3.11.6 Access keys3.11.7 Data security and IAM APIsTask 3.12 Leverage Adoption Advisor and Alarm Center3.12.1 Notification rule3.12.2 Adoption Advisor guidanceTask 3.13 Access Knowledge Center and Help Center3.13.1 Knowledge Center3.13.2 Help Center3.13.3 Feature requests3.13.4 PCCSE3.13.5 Live Community3.13.6 Product status updates3.13.7 Docs, Prisma Cloud Privacy and Support optionsDomain 4 Cloud Network Security and Identity-Based Microsegmentation Enterprise EditionTask 4.1 Configure Cloud network analyzer4.1.1 Network exposure policy4.1.2 RQLTask 4.2 Deploy and manage Enforcers4.2.1 Processing units4.2.2 Namespaces4.2.3 Tags and identity4.2.4 Network rulesets4.2.5 Out-of-the-box rules4.2.6 Application profilingTask 4.3 Manage local changes in a remote repository (dev-prod) Configuration4.3.1 Types4.3.2 Networking for Enforcers-to-Console connectivityTask 4.4 Use NetSecOps dashboard4.4.1 FlowsDomain 5 Prisma Cloud Code Security (PCCS)Task 5.1 Implement scanning for IAC templates5.1.1 Terraform and Cloudformation scanning configurations5.1.2 OOTB IAC scanning integrations5.1.3 API scanning5.1.4 IAC scanning integration5.1.5 Supply-chain security5.1.6 Handling scanned issues5.1.7 Repository scanningTask 5.2 Configure policies in Console for IAC scanning5.2.1 OOTB policies5.2.2 Custom build policies5.2.3 Types of config policies5.2.4 Prisma configuration filesTask 5.3 Configure CI policies for Compute scanning5.3.1 Default CI policies5.3.2 Custom CI policiesTask 5.4 Manage configuration settings5.4.1 Code reviews5.4.2 Code repository settings5.4.3 Notifications5.4.4 Pull requests and tagging botsDomain 6 Identity and Access Management (IAM)/Prisma Cloud Data Security (PCDS)Task 6.1 Calculate net effective permissions6.1.1 AWS calculation6.1.2 Azure calculationTask 6.2 Investigate incidents and create IAM policies6.2.1 RQL queries6.2.2 IAM policiesTask 6.3 Integrate IAM with IdP6.3.1 Azure active directory6.3.2 OktaTask 6.4 Remediate alerts6.4.1 Manual versus automatic6.4.2 AWS remediation6.4.3 Azure remediationTask 6.5 Monitor Scan Results6.5.1 Monitor Scan Results6.5.2 Data Inventory6.5.3 Resource Explorer6.5.4 Object Explorer6.5.5 Exposure EvaluationTask 6.6 Assess Data Policies and Alerts6.6.1 Data policy vs data pattern6.6.2 AlertsTask 6.7 Define data security scan settings6.7.1 Scan configuration6.7.2 Data profile and pattern6.7.3 File extensions6.7.4 Snippet masking"Palo Alto Networks Prisma", "Prisma Certified Cloud Security Engineer (PCCSE)" are registered marks of Palo Alto Networks.This practice test is only for exam practice questions. This is an Unofficial course and this course is not affiliated, licensed or trademarked with Palo Alto Networks in any way.

Skills

Reviews