Palo Alto Networks Cybersecurity-Apprentice - Palo Alto Networks Cybersecurity Apprentice Certification Exam
Question #6 (Topic: Demo Questions)
A container and image compliance rule has been configured by enabling all checks; however, upon review, the container ' s compliance view reveals only the entries in the image below.
What is the appropriate action to take next?
Correct Answer: C
Explanation:
The image provided showcases a filtered compliance view, which is displaying only certain checks with varying severities and descriptions related to container and image compliance. Since the compliance rule was configured to enable all checks but only a subset of entries is visible, it implies that the current view is filtered to show specific entries. To obtain a comprehensive view of all checks, including those that have passed, the rule options must be adjusted. By selecting the option to list both failed and passed checks, one can gain complete visibility over the compliance status of the container, ensuring that no aspect of the compliance has been overlooked and that all necessary information is available for review.
Question #7 (Topic: Demo Questions)
What is an automatically correlated set of individual events generated by the firewall and runtime sensors to identify unfolding attacks?
Correct Answer: B
Explanation:
[Reference: https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-admin-compute/runtime_defense/incident_explorer.html, An automatically correlated set of individual events generated by the firewall and runtime sensors to identify unfolding attacks is known as an "incident". Incidents provide a consolidated view of related security events, making it easier for administrators to understand the scope and potential impact of an attack, and to take appropriate response actions., , , ]