A customer is interested in PCI requirements and needs to ensure that no privileged containers can start in the environment. Which action needs to be set for `do not use privileged containers`?
A. Prevent
B. Alert
C. Block
D. Fail
What is the behavior of Defenders when the Console is unreachable during upgrades?
A. Defenders continue to alert, but not enforce, using the policies and settings most recently cached before upgrading the Console.
B. Defenders will fail closed until the web-socket can be re-established.
C. Defenders will fail open until the web-socket can be re-established.
D. Defenders continue to alert and enforce using the policies and settings most recently cached before upgrading the Console.
The security team wants to target a CNAF policy for specific running containers. How should the administrator scope the policy to target the containers?
A. Scope the policy to Image names.
B. Scope the policy to namespaces.
C. Scope the policy to Defender names.
D. Scope the policy to Host names.
A manager informs the SOC that one or more RDS instances have been compromised and the SOC needs to make sure production RDS instances are NOT publicly accessible. Which action should the SOC take to follow security best practices?
A. Enable "AWS S3 bucket is publicly accessible" policy and manually remediate each alert.
B. Enable "AWS RDS database instance is publicly accessible" policy and for each alert, check that it is a production instance, and then manually remediate.
C. Enable "AWS S3 bucket is publicly accessible" policy and add policy to an auto-remediation alert rule.
D. Enable "AWS RDS database instance is publicly accessible" policy and add policy to an auto-remediation alert rule.
How many CLI remediation commands can be added in a custom policy sequence?
A. 2
B. 1
C. 4
D. 5
Which two attributes are required for a custom config RQL? (Choose two.)
A. json.rule
B. cloud.account
C. api.name
D. tag
Which report includes an executive summary and a list of policy violations, including a page with details for each policy?
A. Compliance Standard
B. Business Unit
C. Cloud Security Assessment
D. Detailed
Which policy type should be used to detect and alert on cryptominer network activity?
A. Anomaly
B. Config-run
C. Config-build
D. Audit event
Given the following information, which twistcli command should be run if an administrator were to exec into a running container and scan it from within using an access token for authentication?
Console is located at: https://prisma-console.mydomain.local
Token is: TOKEN_VALUE
Report ID is: REPORT_ID
Container image running is: myimage:latest
A. twistcli images scan --address https://prisma-console.mydomain.local --token TOKEN_VALUE --containerized --details myimage:latest
B. twistcli images scan --console-address https://prisma-console.mydomain.local --auth-token TOKEN_VALUE --containerized --vulnerability-details REPORT_ID
C. twistcli images scan --address https://prisma-console.mydomain.local --token TOKEN_VALUE --containerized --details REPORT_ID
D. twistcli images scan --console-address https://prisma-console.mydomain.local --auth-token MY_TOKEN --local-scan --details myimage:latest
DRAG DROP
Put the steps involved to configure and scan using the IntelliJ plugin in the correct order.