CloudSec-Pro Practice Questions

The twistcli tool, part of Prisma Cloud's suite of security tools, supports various platforms for security scanning and configuration. The correct platforms supported by twistcli include:

A.  

Linux: twistcli is widely used on Linux platforms for scanning container images, host vulnerabilities, and more, making it a correct choice.

B.  

Windows: twistcli supports Windows, allowing users to perform security scans and checks on Windows-based systems, making it a correct choice.

D.  

MacOS: twistcli is also compatible with MacOS, enabling security operations on Apple's operating system, making it a correct choice. Option C (Android) and E (Solaris) are not supported platforms for the twistcli tool, according to the available documentation on Prisma Cloud.

In the case of identifying a cryptominer attack through container audits, the options that could have generated this audit include

B.  

C.  

E.  

The data security dashboard in Prisma Cloud provides a comprehensive overview of the security posture related to cloud data storage. However, certain information types, such as the identity of the bucket owner and the actual content within an object, are not typically displayed on such dashboards. This is because the dashboard focuses more on aggregated data profiles, exposure levels, and compliance-related information rather than individual ownership details or the specific content of objects, which may require separate detailed analysis or are managed through different security mechanisms.

In Prisma Cloud, roles with access to view policies include Auditor and Dev SecOps. The Auditor role is typically focused on compliance and oversight, allowing users to review configurations, policies, and compliance status without making changes. The Dev SecOps role bridges the gap between development, security, and operations, focusing on integrating security practices within the CI/CD pipeline. Both roles require access to Prisma Cloud policies to perform their functions effectively, ensuring that security and compliance are maintained throughout the cloud environment and application lifecycle.