PCCSE Certification Questions – Prisma Certified Cloud Security Engineer

The best way to start your preparation for PCCSE Certification is here. The Prisma Certified Cloud Security Engineer (PCCSE) certification validates the knowledge, skills and abilities required to onboard, deploy and administer all aspects of Prisma Cloud. PassQuestion released PCCSE Certification Questions which cover 85 questions and answers to help you pass your PCCSE certification exam easily.

Test Online PCCSE Free Questions

1. Which two statements are true about the differences between build and run config policies? (Choose two.)


2. Which component(s), if any will Palo Alto Networks host and run when a customer purchases Prisma Cloud Enterprise Edition?


3. Which type of compliance check is available for rules under Defend > Compliance > Containers and Images > CI?


4. A customer wants to scan a serverless function as part of a build process.

Which twistcli command can be used to scan serverless functions?



Which order of steps map a policy to a custom compliance standard?

(Drag the steps into the correct order of occurrence, from the first step to the last.)

6. Given an existing ECS Cluster, which option shows the steps required to install the Console in Amazon ECS?


7. Which options show the steps required after upgrade of Console?


8. The compliance team needs to associate Prisma Cloud policies with compliance frameworks .

Which option should the team select to perform this task?


9. The administrator wants to review the Console audit logs from within the Console.

Which page in the Console should the administrator use to review this data, if it can be reviewed at all?


10. The security team wants to target a CMAF policy for specific running Containers How should the administrator scope the policy to target the Containers?



What is the order of steps to create a custom network policy?

(Drag the steps into the correct order of occurrence, from the first step to the last.)

12. A customer wants to turn on Auto Remediation.

Which policy type has the built-in CLI command for remediation?


13. Which authentication mechanism is supported by Prisma Cloud?


14. Which method should be used to authenticate to Prisma Cloud Enterprise programmatically?


15. A customer is interested in PCI requirements and needs to ensure that no privilege containers can start in the environment .

Which action needs to be set for "do not use privileged containers?


16. Which "kind" of Kubernetes object that is configured to ensure that Defender is acting as the admission controller?


17. Which option identifies the Prisma Cloud Compute Edition?


18. A customer has a requirement to terminate any Container from image topSecret:latest

when a process named ransomWare is executed

How should the administrator configure Prisma Cloud Compute to satisfy this requirement?



You wish to create a custom policy with build and run subtypes.

Match the query types for each example.

(Select your answer from the pull-down list. Answers may be used more than once or not at all.)

20. Retrieve the Prisma Cloud Console images using ‘docker pull’ To retrieve Prisma Cloud Console images using basic auth

D. 1 Access registry paloaltonetworks com. and authenticate using ‘docker login’

2 Retrieve the Prisma Cloud Console images using ‘docker pull’

21. Which option shows the steps to install the Console in a Kubernetes Cluster?


22. Which three types of bucket exposure are available in the Data Security module? (Choose three.)


23. Given this information:

•. The Console is located at https//prisma-console mydomain local

•. The username is ciuser

•. The password is password123

•. The Image to scan is myimage latest

Which twistcli command should be used to scan a Container for vulnerabilities and display the details about each vulnerability?



Match the service on the right that evaluates each exposure type on the left.

(Select your answer from the pull-down list. Answers may be used more than once or not at all.)


An administrator has been tasked with creating a custom service that will download any existing compliance report from a Prisma Cloud Enterprise.

tenant-In which order will the APIs be executed for this service? (Drag the steps into the correct order of occurrence from the first step to the last)

26. A security team has a requirement to ensure the environment is scanned for vulnerabilities .

What are three options for configuring vulnerability policies? (Choose three.)


27. Which three steps are involved in onboarding an account for Data Security? (Choose three.)


28. A customer is reviewing Container audits, and an audit has identified a cryptominer attack.

Which three options could have generated this audit? (Choose three.)


29. An administrator wants to install the Defenders to a Kubernetes cluster. This cluster is running the console on the default service endpoint and will be exporting to YAML




Which command generates the YAML file for Defender install?






30. The Prisma Cloud administrator has configured a new policy.

Which steps should be used to assign this policy to a compliance standard?


Question 1 of 30

Palo Alto Networks PCNSE Certification Real Questions
[Jan-9th-2021] Updated Palo Alto Networks PCNSA Exam Questions (98 Q&As)

Leave a Reply

Your email address will not be published. Required fields are marked *