Match the service on the right that evaluates each exposure type on the left. (Select your answer from the pull-down list. Answers may be used more than once or not at all.)

An administrator sees that a runtime audit has been generated for a host. The audit message is: “Service postfix attempted to obtain capability SHELL by executing /bin/sh /usr/libexec/postfix/postfix- script.stop. Low severity audit, event is automatically added to the runtime model” Which runtime host policy rule is the root cause for this runtime audit?

A customer has a large environment that needs to upgrade Console without upgrading all Defenders at one time. What are two prerequisites prior to performing a rolling upgrade of Defenders? (Choose two.)

The security auditors need to ensure that given compliance checks are being run on the host. Which option is a valid host compliance policy?

What is the behavior of Defenders when the Console is unreachable during upgrades?

Which step is included when configuring Kubernetes to use Prisma Cloud Compute as an admission controller?

How are the following categorized? Backdoor account access Hijacked processes Lateral movement Port scanning

Which order of steps map a policy to a custom compliance standard? (Drag the steps into the correct order of occurrence, from the first step to the last.)

The security team wants to target a CNAF policy for specific running Containers. How should the administrator scope the policy to target the Containers?

Which intensity setting for anomaly alerts is used for the measurement of 100 events over 30 days?

Which statement is true regarding CloudFormation templates?

An administrator has been tasked with creating a custom service that will download any existing compliance report from a Prisma Cloud Enterprise tenant. In which order will the APIs be executed for this service? (Drag the steps into the correct order of occurrence, from the first step to the last.)

Which two processes ensure that builds can function after a Console upgrade? (Choose two.)

An administrator has deployed Console into a Kubernetes cluster running in AWS. The administrator also has configured a load balancer in TCP passthrough mode to listen on the same ports as the default Prisma Compute Console configuration. In the build pipeline, the administrator wants twistcli to talk to Console over HTTPS. Which port will twistcli need to use to access the Prisma Compute APIs?

Which method should be used to authenticate to Prisma Cloud Enterprise programmatically?

A customer wants to harden its environment from misconfiguration. Prisma Cloud Compute Compliance enforcement for hosts covers which three options? (Choose three.)