Paloalto Networks Updated PCCSE Exam Questions and Answers by aris

The purpose of Incident Explorer in Prisma Cloud Compute under the "Monitor" section is to provide a comprehensive view of incidents by correlating individual events. This helps identify potential attacks through a sequence of processes, file system, and network events, thereby giving a complete picture of an incident's timeline and impact.

https://docs.prismacloud.io/en/classic/compute-admin-guide/runtime-defense/incident-explorer

https://docs.paloaltonetworks.com/prisma/prisma-cloud/19-11/prisma-cloud-compute-edition-admin/firewalls/deploy_cnaf

When configuring Cloud Native Application Firewall (CNAF) rules, the specified port should be the one where the container itself listens for web traffic. In this scenario, since the NGINX container is listening on port 8080, the CNAF rule should be configured to protect traffic on port 8080. This ensures that the firewall rule is applied to the traffic intended for the container, regardless of the port mapping on the host.

The documentation from Palo Alto Networks provides guidance on deploying CNAF and specifies that the port in the firewall rule should match the container’s listening port, not the host’s mapped port. This is an important distinction for properly securing containerized applications with CNAF.

Prisma Cloud integrates with various secret managers to manage sensitive information such as passwords, tokens, and keys. However, it cannot integrate with IBM Secret Manager. The other options, Azure Key Vault, HashiCorp Vault, and AWS Secret Manager, are supported for integration with Prisma Cloud, providing secure storage and handling of secrets.