Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location PL
Mob_nav_barsMENU

Palo Alto Networks Exam PCCSE Topic 2 Question 80 Discussion

Actual exam question for Palo Alto Networks's PCCSE exam
Question #: 80
Topic #: 2
[All PCCSE Questions]

Which policy type should be used to detect and alert on cryptominer network activity?

Show Suggested Answer Hide Answer
Suggested Answer: B

View users who enabled console access with both access keys and passwords: config from cloud.resource where api.name = 'aws-iam-get-credential-report' AND json.rule = access_key_1_active is true or access_key_2_active is true and password_enabled is true https://docs.paloaltonetworks.com/prisma/prisma-cloud/prisma-cloud-rql-reference/rql-reference/config-query/config-query-examples


by Meaghan at Jul 03, 2024, 05:47 AM

Limited Time Offer

25%

Off

Get Premium PCCSE Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

Submit Cancel
Mitzie
1 months ago
A) Audit Mitzient? More like a 'cryptocurrency Mitzient' if you ask me! I'm sticking with B) Anomaly.
upvoted 0 times
...
Gilberto
1 months ago
Haha, this question is a real crypto-conundrum! I'm betting on B) Anomaly, but I might need to consult a cryptographer to be sure.
upvoted 0 times
Hubert
5 days ago
I agree, it's important to be vigilant for any unusual behavior.
upvoted 0 times
...
Dulce
16 days ago
I think B) Anomaly is the way to go for detecting cryptominer network activity.
upvoted 0 times
...
...
Lai
1 months ago
Hmm, I'm torn between B) Anomaly and D) Config-run. Guess I'll have to flip a coin on this one!
upvoted 0 times
Frederica
8 days ago
If you're torn between Anomaly and Config-run, maybe consider how each option can specifically help detect cryptominer activity.
upvoted 0 times
...
Maynard
20 days ago
I agree, Anomaly detection can help identify unusual behavior that may indicate cryptominer activity.
upvoted 0 times
...
Sang
22 days ago
I think B) Anomaly would be the best choice for detecting cryptominer network activity.
upvoted 0 times
...
...
Zachary
2 months ago
I'm gonna go with D) Config-run. Monitoring the runtime configuration seems like the way to catch those sneaky cryptominers in the act.
upvoted 0 times
Lili
11 days ago
Config-run does seem like the best option to catch cryptominers in action. It's all about monitoring in real-time.
upvoted 0 times
...
Lashon
15 days ago
I agree, keeping an eye on the runtime configuration can help detect any suspicious cryptominer activity.
upvoted 0 times
...
Marylin
1 months ago
I think D) Config-run is a good choice. It's important to monitor the configuration at runtime.
upvoted 0 times
...
...
Jani
2 months ago
I'm pretty sure the correct answer is B) Anomaly. Cryptomining activity would definitely stand out as anomalous network behavior.
upvoted 0 times
Cyril
6 days ago
Exactly, that way we can detect and respond to cryptominer activity quickly.
upvoted 0 times
...
Sommer
11 days ago
So, we should set up alerts for any anomalous network behavior.
upvoted 0 times
...
Margo
1 months ago
I agree, cryptomining activity would definitely be considered anomalous.
upvoted 0 times
...
Jose
1 months ago
I think the answer is B) Anomaly.
upvoted 0 times
...
...
Laura
2 months ago
I'm not sure, but I think A) Audit event could also be used to detect cryptominer network activity.
upvoted 0 times
...
Ashlyn
2 months ago
I agree with Nobuko, because anomalies can help detect unusual behavior.
upvoted 0 times
...
Nobuko
2 months ago
I think the answer is B) Anomaly.
upvoted 0 times
...
Toi
2 months ago
I'm not sure, but I think A) Audit event could also be used to detect cryptominer network activity.
upvoted 0 times
...
Ludivina
3 months ago
I agree with Junita, because anomalies can help detect unusual behavior.
upvoted 0 times
...
Junita
3 months ago
I think the answer is B) Anomaly.
upvoted 0 times
...

Save Cancel
az-700  pass4success  az-104  200-301  200-201  cissp  350-401  350-201  350-501  350-601  350-801  350-901  az-720  az-305  pl-300  

Warning: Cannot modify header information - headers already sent by (output started at /pass.php:70) in /pass.php on line 77